1350e9f2d7997db26cd3868fecd1e2f95950e23028cf5e501ef1545d4055d80c

Analysis

max time kernel
150s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
04/05/2024, 19:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
Size

55KB
MD5

3ae9d2512ab749f7573c580eafc9a20a
SHA1

70092a33a06727d4ec8952f32c8a5c695051ee8a
SHA256

1350e9f2d7997db26cd3868fecd1e2f95950e23028cf5e501ef1545d4055d80c
SHA512

8b7d8e4eee5bbee2dd1165b3702b9798591976cbc25225161f6c6501096fd88b8c3a30f0857478d161ad913460a01267b8ce5ab49bde97047a52dcb240a84520
SSDEEP

768:W7BlpDpARFbhYQkQjjLaMaJjYJIJDYJIJJZwNq4l:W7ZDpApYbWjy0e+eaNp

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (577) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Internet Explorer\Timeline_is.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Internet Explorer\JSProfilerCore.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IpsMigrationPlugin.dll.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\fr-FR\DVDMaker.exe.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\it-IT\DVDMaker.exe.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Internet Explorer\IEShims.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkObj.dll.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\ado\msadomd28.tlb.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hr.pak.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\CopyUninstall.sql.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\PipeTran.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\7-Zip\Lang\en.ttt.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\ConnectEdit.otf.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jawt.h.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml.tmp	3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\3ae9d2512ab749f7573c580eafc9a20a_JaffaCakes118.exe"
1⤵
- Drops file in Program Files directory
PID:2700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
55KB

MD5
0091c35c5a3b1043c99645c14d1cf1fa

SHA1
381d989b19932f19934b5fcb8583c10e1c6fa589

SHA256
1fc369407028110152207fde548347acabc44c95bd707ab145047515db2ff34e

SHA512
83b0f07e59945980c91931da11181cb8205e0118450be68f50ecc4f5baa30343e9b01b77c321bcbf0841f2a01c395fb345eeb21d5c2f2217c12ec2eb6825a5ae

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
64KB

MD5
a97f036eb75084286f0aa6a0df409679

SHA1
89eae351859a809e9709156c0ab43664c5be2c35

SHA256
8223b7731cfde823aa05bb1f7bc45fca359a825bc5449bc97deb46a5990d2378

SHA512
eaca6cb151090f7d7f13880e29e0661244108a7a3e5e70b5903d59216b8e296a0f5b530e912949fe44a1468dddbcf8f1503243cb5714008f057789011a47ad09

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads