e3d39619530e2f2843a8aac4a8b111be5cae69cb70cda04e2679f5324eb5ec30

Analysis

max time kernel
145s
max time network
129s
platform
windows7_x64
resource
win7-20240319-en
resource tags

arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
submitted
19/04/2024, 12:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
Size

1.8MB
MD5

fa458d62cbe8938cea095b5dff2c4098
SHA1

85ee46e93b20482192e5e66d392874c61358d87a
SHA256

e3d39619530e2f2843a8aac4a8b111be5cae69cb70cda04e2679f5324eb5ec30
SHA512

4801d5e818a8cd0f450021c8004a229df14028a1d4ff909a725b74b3bc9d956871b2f640251c26add429f3ab939d60686051758a59560b354bf6be056574b358
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHP:SCqm2Jpr0nNM7Dus7Nx2v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2184-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0008000000012239-5.dat	upx
behavioral1/memory/2184-679-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jre7\lib\javafx.properties	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jre7\bin\decora-sse.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\ado\msado25.tlb	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\America\Matamoros	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jre7\lib\javaws.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcer.dll.mui	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\ado\msadox.dll	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Moncton.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mip.exe.mui.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsTap.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\libEGL.dll.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Miquelon.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\El_Salvador.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
File created	C:\Program Files\Java\jre7\lib\javaws.jar.exe	fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fa458d62cbe8938cea095b5dff2c4098_JaffaCakes118.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\BlockWrite.wma

Filesize
1.8MB

MD5
c9dbc1afe5a2730f031f3c5aff2db5f5

SHA1
bfea8fe048bfd531f0c4bb856938de4eccfea0b2

SHA256
f6bffae12132d928ed92eeb7a30521a593dfae74693d2b3aa3698a41700131bc

SHA512
71ee68ca0ad0193a2f9c1b69f314b442bc53f467ca27a4083ae1c4de713677c35a7ff9da41006d241c06cf641983904324be98305155ecf2ec05607cb9a43234

Download Submit
memory/2184-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2184-679-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads