ce633ed95836901d260ffdd0d107f46a2df22630141a3a620dcfc32c5168ca7e

Analysis

max time kernel
130s
max time network
139s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
11/06/2024, 12:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Size

1.6MB
MD5

9e348a06328833b8d71b9fcaae8ff830
SHA1

8d5456628213dd1f3d549078988f497e6f91b4bc
SHA256

ce633ed95836901d260ffdd0d107f46a2df22630141a3a620dcfc32c5168ca7e
SHA512

4fbf741349509b27337063e59d1ddc5ebec48f6c0f3f20a03050304cf570cf898dfcdece277b78ccc25e8947a75885a4dcad9ea52717bf470b3d43800e7f09ea
SSDEEP

24576:lJKjFazlxjTqNRLFbAmzFgxUwFv/7uozy9Mun1ORVHd/Uh/Uk9bB5:lJlDYRLFbAEFg4LMsOch/UI5

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 32 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI \9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING \9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "11000"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "1"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe = "0"	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
Key created	\REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING	9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\9e348a06328833b8d71b9fcaae8ff830_JaffaCakes118.exe"
1⤵
- Modifies Internet Explorer settings
PID:2148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...