Analysis

  • max time kernel
    140s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/05/2024, 23:25

General

  • Target

    371772a9db2fd1a4371f0a7d6c66c820_JaffaCakes118.exe

  • Size

    320KB

  • MD5

    371772a9db2fd1a4371f0a7d6c66c820

  • SHA1

    fc2de399a3e45408a00c46a319609a5b6777b9be

  • SHA256

    eb0f27283192797985bb6efe8916f0294e6c907d62af28cf7f27b83d262d98ee

  • SHA512

    a7ada7491a4faa71c035e1caeb961091857f4a25bb5c02c80ff6c62d014548d2c3314a5a383e5d5769e1109bb7e4cc757d6075421985d2db4ff5fdf4e52d5618

  • SSDEEP

    6144:pVNkl00tMbl/c7bH9zEWuO7hcTIctdaf3QbHtza+9qMlhJg:x0tMRqdT3uXaf3QbHxd9BhJg

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\371772a9db2fd1a4371f0a7d6c66c820_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\371772a9db2fd1a4371f0a7d6c66c820_JaffaCakes118.exe"
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1972

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2XHJXO3H\style[1].css
          Filesize: 5KB
          MD5: 076e273d8fc61526cb043066e350206e
          SHA1: f9519138e698217a0a513da273a8caef520fca53
          SHA256: 1e3dc8110e7560911627d16193166e577a6c47f8d1361e29e8065be11c1e606d
          SHA512: 3728671bf98cd22e0a2f86af768c434b7d3dda8e003d72476a865d10e4ed0098bdaee1b1fcbd38ffe535bb32c44ea4d13eefe19eb03aa397771935c145983ca1

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW68H88T\mootools[1].js
          Filesize: 107KB
          MD5: f276fb309f7b7118f77a7bb28ad6aff1
          SHA1: cefa7ac91e416019fdbb3335872ada5ee84b8fe5
          SHA256: ba714d291930e5cf134cd8cd3f952fc3d2a5e62fa13bdd8a0ee32fbe34bf6f2a
          SHA512: 6051a432c60dd2d02332d67131c124628d637b718a75fb7ab11e1a2649d73cd3a0e47e46ab3377afba04554679891e1200424a6f5a1cb3ccb205941f83ffe3e5

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVDR4C1U\n1081279[1].htm
          Filesize: 168B
          MD5: 78e04917f350e259712db1dfe4c100f9
          SHA1: 26829f30a5a83d3fbeec3007b3a1aead3811794c
          SHA256: ab616f771732be27cff5fb7c8917361cf57ec2a69e05b428029e8a16269ef9af
          SHA512: 4a1b1cba3d5deadbef304df9e256dcc160c12b7540ff64c1fe6a3abf255af1c43c6e72b7bced39c1eafa46741b6b1f471cb239b0bf9bd64a7152387081fc5cd9

        • memory/1972-0-0x0000000000400000-0x00000000004EB000-memory.dmp
          Filesize: 940KB

        • memory/1972-1-0x0000000000230000-0x0000000000231000-memory.dmp
          Filesize: 4KB

        • memory/1972-86-0x0000000000400000-0x00000000004EB000-memory.dmp
          Filesize: 940KB

        • memory/1972-115-0x0000000000230000-0x0000000000231000-memory.dmp
          Filesize: 4KB