Overview

overview

6

Static

static

3

7a25e03c5a...18.exe

windows7-x64

6

7a25e03c5a...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    27/05/2024, 18:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7a25e03c5a58bc2b0e97ba0c53754f8e_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    7a25e03c5a58bc2b0e97ba0c53754f8e

  • SHA1

    18242df7cc44010f5f91376e7cd449fed6b375fa

  • SHA256

    e74a5651345a71316f593ae8eb5f128d2b40f4c11d1ee30ca86e8173b791a913

  • SHA512

    f387fb4f6f5762a751c2e95fdbe2d0d708f6e8ca14ee0785450655fe71f6a87fc9fa24b2909d250b0a1c1e2b07db4b249e750ab4b8bfbd49c671f1b98bea29f9

  • SSDEEP

    12288:Ch/pCHxW4pbAOeeeZeeeeEhMEr6CX4zistJ:U/eDNAuaE6tiM

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a25e03c5a58bc2b0e97ba0c53754f8e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7a25e03c5a58bc2b0e97ba0c53754f8e_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=1011
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3004
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3004 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1832

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0bb22ab9204cdd2fbaa06b4422b69363

          SHA1

          668f8a3104f2265c647c005d96d465e9e7c983d8

          SHA256

          b0261f741360d3fb0f61ab292ddcf91d53f2c72a6d8de8ed59cd550cd7405789

          SHA512

          c08e495eaa216002e9885355e78d479f8b7cafe4dbef64816faacd21ddb1581ca24076c01941fca3fb1b4bc2bd8aed4cf24f4319a99183d9ebca4d3857de3f3c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ceca5913cdae596f95861d28b755cf4c

          SHA1

          bee17fc6ac57926fd6b03a97fea9bb09ed7f5d2e

          SHA256

          c119588c98ebba16f096ac08826e3fad2c635c17cc7fd088ea24e69b46622942

          SHA512

          dfb9ace6e484241d696cbe203fd8261968eb5b55401c967f8264de61fcbbe4d69e7ad83b734c71faf4bc552abb2f02edf4bab14eb0186000fc11b1fc2c8b9d8a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4c5e13c37721f5032cb8361a02c63da9

          SHA1

          cdcad12c8ef9ca4ffd43bdc59ad7271d9877c0d2

          SHA256

          7a5eb75c6f5c044adddf1d990de74ff8d0baf637a572cb86cb6edebf75643174

          SHA512

          c80cf1c5429b676445fcb3ba5e6eafadb0a4b72a9cffd59d9a01026d888f14ea1a57f2a799c1c04f4e2a0072a98afbcf5f1c227ef168bd672d3e1c96daf5ea0f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          041ff630377bcfc68f019a48b6ec787a

          SHA1

          3437df79779b11f4485e21c589e91684cec7b147

          SHA256

          c3e922906b9aeaaff24bb896d0ed473a42cb05fab02dcb7bc6b678b82890fa16

          SHA512

          4d0740094de3797274993f13af9ff4a66e6bd9894d6a6a85397bdaa98600ad46259ca2aac7f1fd750595ac7ed458e8636693f395009d111c983186796dc1225c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          130984b95a2eeb3d64e34dcc151391a2

          SHA1

          0d8f52c73a02f953b1246a63c7d9e6617d034ef0

          SHA256

          96011cb8ec591ff5d084ee619ca4bc8c88f7ac0b25f69bcbf469653e746b050c

          SHA512

          ae596c485cef9bd7bac54d123791551a3548950303f4c4c799d75b802ebc6b3bce803038f4fefc23ee54e26bc328694c55e106df0e8be5f403f424186563e738

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          858280423a32d18c756b3ceaf6412b79

          SHA1

          2bb903a86664a3558ebcc94ff912ac0ec5768eaf

          SHA256

          2834cf7be2bf5e79bb8da9001949a95013126c75603e8f8b1aa83ad7f99d5ab1

          SHA512

          12890eea337345d573e3fbb522e0dd772f6480b6d31a629e41a9ab715f6d23a38d8a357fe172daa1e9167b7e32a16f127c00290be61a0cf703034ab2216a4414

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5caaed91605589c831066ddc222e433e

          SHA1

          7cc278da9bcd44bc74c712900ac68b71b2abdbbf

          SHA256

          c9b6c46a119e5affff78ced0d916ca6584157b94a2094603a2fc69a1269d0b65

          SHA512

          7632cc74f06deb773908d539008945653a31068620ae31fcd6b65255ac1f0ac749c748e6083f6d800f87418e5c4ffd297c0e7f5922d56e8d0b5bf4917c7c8687

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          968d2d4855d816376a8a1212961c00f5

          SHA1

          212afb349ad5cebe0d1a02e5268ea4a0b91e1661

          SHA256

          86778ed56e1cbc342cbe6bb4914e47e379baa162b17672febb541c2591896d12

          SHA512

          499b348a0ffe68bed20eef4e3d3b8a911187ab22537eb12ba1de5c77482e3261d9cb83502ac19798d4545a7a6cbaa0eb2656a1b5683371228789323f8c149ab0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a3ec117bf55899f73a8235f4093f767d

          SHA1

          f0fff09b8c19fab5e4403795bd3968000816f1f6

          SHA256

          1134065148fbb0edf78cd4b6a025d181d3d2c87a281f3dfbfdc7ea4de6fb3cf3

          SHA512

          4602c2f65e21b78c20a10c6a3ea04021acb194b487292c0c376b670ef79813666eb1707829a1287f36d27f253c0adbd3c3599fe0f124f2731dab41783a0b9ed1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          109ed940d66eda397139636339c156b6

          SHA1

          d0d317a870f616147541e553f6e2c2b4ed7fad77

          SHA256

          a9eb0cfebdbe516a256efa2fb809486f6650d78da3d3aa65b7c73bb2e1419961

          SHA512

          2069f77e0962ec13f8bc1ff01873931594cf25682ea05bd719f9edbec7d601a4e310fd6007ed00a8b409424cc09d2d1a9b9d1fc38ca02701caf878d28db3d920

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6b8aba0b3872f12601586ce801f13c9b

          SHA1

          b33f7d26d4d23804b81884875cf088d941ae9779

          SHA256

          c85bf717f76792ef24179748041ddac6a31f151cdccfebf5f5bc0819b0e7ddd1

          SHA512

          035543d47b0632047d766f4f4d9334379313579be2ef01c284d4e7eb6bd10bfa21bf7ef7c09244ac2e79836ab4640dc4590dfd8a261f4a4ab8ba16caafe5663f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c54931f4f9a65cc27b097f1ff707ffeb

          SHA1

          045702e55d9314295c34300e1d611cd0ede6cfed

          SHA256

          38ecc1c8091b70ab6ce585ec9152be9460c03aa332164d4e6a270914a331502f

          SHA512

          48e3ef3d4b8bb5d2f681d4adf6cff972ecbb540fefd0bfbd8137865d6d37ce625099085bf228478556553546aff2eb55c608b832ed39a35b0587fd45340de68b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          55284e2bffeafb454eb39e4bdf7778fe

          SHA1

          d00c66ad46aeabf2334c57985f9cbbce88d6f433

          SHA256

          a0c4dc0667ecc028bb71e8652543cbc0c548e39258416b273d9b61dc0f612174

          SHA512

          af78c91ac88cd3b3f7592b3297cafcc80643b376df9b5674568e8050a57b1f0777a0083a27674fbeb3f46cc8fad0296dfd1dbf5c79b54dacd594e663cd8a8349

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a62c042792d10c23e61bbec489fe39d9

          SHA1

          a08a42aa900263a124bcd677167120a046d63f8d

          SHA256

          7818c7f216afbfc622d46680bce95653a14f9be64ba66a109df0807122cf6111

          SHA512

          e365e76a950a82921e78d8afd70d3c75038b146571a9b5982db4d82ef595adccbc314ec20f8964c15e96d167437d3dfd05510872eff74ad3a25f6e22a660f2be

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          da39681bd68e1177f42f5f2006229d24

          SHA1

          023ff4b0d103892f069795fbdd2556ef5a40975a

          SHA256

          244cdc58df01997c9c089d1d8c5f636fdec43de254f4bfa6a5a26c52d802a315

          SHA512

          1e74ad835c5ba480a9f9be154f0f94c3476e3db7d6a03e78e68b314e474035c4d156b831adcb275d68077cd603a5677c41ff3c8f07dfc57b5b2f1f815e6982dc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a6a59d9208d2e266ac79f7b37119c375

          SHA1

          f490282462da4373a0c44879e54385c106f96064

          SHA256

          2b5a76d08dfc10ce083bccf4c80e91c4e44f07de3879be1e1815fea260544f8f

          SHA512

          dc6d7790c7427cc9a2d0d6ad2520c8ad23eb278c480a174edc8c3352f1a57d722b976d177226ca5dc77c84a0a50f4abba4fe5d89ef111586cbdb84b34609fafd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          817c220ab4f8f509def8ea48078072b8

          SHA1

          7513985b19b249947583c36fcf686f7853dce635

          SHA256

          e8c8acf3c1bbfe33f1ce5edb1c14e538ed2d8ad7416e4b4e990ea55aa5390e73

          SHA512

          85daa12df6ed896c360b2947092cb2f93eb375cef843527d794b6cd0c6eeeb366ea04de2fb2ecdb4bd6935e19bfb7b993c7b20f7dc3eba6be398ea44ef2bd548

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bc81f1dcc56da436ccba09e965f8aa9f

          SHA1

          994b468902370f172834b438beaf9d984c303b22

          SHA256

          28cb68d22d1793f7ed5004e505d1bac5e5d83bde7b111040fe49731cea427dfc

          SHA512

          c424b7c710aeede782bc0c08940d67d54a2e4e4249073874b4a3dfef7338ed81820e36ea8130570888cbecae25335d635cc5b943fd85560bc0221c4d02811b72

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6d4427651c5fff4b1c5685a33b52efaa

          SHA1

          3e743c612fce265281e174bc153a057da458a03b

          SHA256

          2f1e10d8815fb28d18c0d2fef3fa3d91321a3063be7255559c09ae1798e5b385

          SHA512

          5f06faea9ee7f465ef9055892bd357fb8444cb9df6fbe4a6f3416676c328d9c6b24239480540cc6dd1bf8d43bc01fa40adea09f1df268f0a9823099c78bbb8e9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab31DC.tmp
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar324D.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit

        • memory/2164-0-0x0000000000400000-0x000000000055F000-memory.dmp

          Filesize

          1.4MB

          Download