Analysis

  • max time kernel
    148s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-06-2024 01:41

General

  • Target

    04c5c992c657ec64cccfa6fbd6c372fe_JaffaCakes118.exe

  • Size

    455KB

  • MD5

    04c5c992c657ec64cccfa6fbd6c372fe

  • SHA1

    1b6dc7444175e47a753b5fbc5f53be6fe55a5435

  • SHA256

    d3312b99d1dfbe22a25eca16d000350fddf0da8e7deabab791fa503f76d4bfb9

  • SHA512

    7dceffc418676cc0fbac57216f4f77322b8cbc0d815ab3cfec0a3ac9e1fde81213622ba147196898e2c83c3c77ceb76a9d7806e5efc6fc7d9bd98b88535a9494

  • SSDEEP

    12288:jwJnsKl6ZSwQ0ttoexYzAAK/lKFzeMzK6sMZeoY:esKE7vo6b/lyLzcL

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
  • Modifies registry class 45 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\04c5c992c657ec64cccfa6fbd6c372fe_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\04c5c992c657ec64cccfa6fbd6c372fe_JaffaCakes118.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:920

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\User\GreenBrowser.ini

    Filesize

    234B

    MD5

    99b6802de6261b6498d8a6fa9c36831e

    SHA1

    588c46a2892dff9e98b266757e2d69ef1a1ec51f

    SHA256

    ba9f5d1ede0c880903210151460a7d35c091cdc26f2be95d49133e64c909b76d

    SHA512

    05c51d48241950447c90b5c1756fab87956916303f5df9d9ce5a37be8f624f028d7899c25c0bd655d8fa9fce44a6a4d61a1ad4d6e4fdf5df781d3066b15e4066

  • C:\Users\Admin\AppData\Local\Temp\User\GreenBrowser.ini

    Filesize

    270B

    MD5

    bf2d5fd6e174e0b5dac7a69ccca8b1ab

    SHA1

    3ea5e6209932039641ac88f14618667849336436

    SHA256

    dfffbd3e5e462a03c9d76d20a4a5a01004f04aa65a4efa5071e37aaa2aec574f

    SHA512

    e8becc4c647675b8e784dc57abc1cc55e752103d9caa8affd2a5c4058efaacc7840aa9a4be0e86d2c36ca9a30f595d516ff09028c6acea2c8ece723deafbd895

  • C:\Users\Admin\AppData\Local\Temp\User\GreenBrowser.ini

    Filesize

    103B

    MD5

    df9726ea557850cf1b7bb378a3923b99

    SHA1

    a314b554d5973249591f028a48d3bfb3b49eee4d

    SHA256

    4ce5132133b17adee5d4f1c88430d2b9b6a1372cd3e66bb2011ecf7d5c74bc7e

    SHA512

    966595440643c739295c42d3d5585b02d8a9ad7f9c0322c0ee6754af1dfb7d70657337e0ce2938f991bb552a472a65b9838b4dc6fc03c750142d1f723006a0f9

  • C:\Users\Admin\AppData\Local\Temp\User\GreenBrowser.ini

    Filesize

    288B

    MD5

    7ac48a92846857e59b105d4a2ab0d076

    SHA1

    ed137749090aa8f376d178881534eda9bd4099e4

    SHA256

    907d702c75932b49b4a1f1e1254dfbb19647732cc3f0bc199523acaf492e2ee7

    SHA512

    61e07797f03f6efcc7462befd9923ec11fcd7e33a27a2ef7812334674ad265a6d6b2f819e6c6cdc2da2709c4b58e5373c9c10f8a2ecaf9d922e841da06c3dd8c

  • C:\Users\Admin\AppData\Local\Temp\User\GreenBrowser.ini

    Filesize

    305B

    MD5

    f7e652c7d5a328e56d25c37f075b9590

    SHA1

    078d16b574fe4478f291a88e1377e270074568dd

    SHA256

    58ef07ae4a636f151ffcb54d00715efb996238f151f77e0efe4f0a92bf0d4ef4

    SHA512

    32358274f965fe4962d93ff8f985e839e1461b97b6f4a9f891410daa76b13e342276d621f4600e8f00c7db2cad1930e1519b45939a7b152eeb7e62293c653832

  • C:\Users\Admin\AppData\Local\Temp\User\GreenBrowser.ini

    Filesize

    53B

    MD5

    9fff23ec9ae1a8d6f4ec173e8f8af4c0

    SHA1

    7792598607845d98c5952507a9cf4d3026544183

    SHA256

    e58516e06aa2d4435df290550ac6d93a62f7c72b48e6f0bd7413fd8766d914ab

    SHA512

    978c772ca1ea550dd518227494e6571c0d3747a5c628ef091d5b41ac8a2403b82ede1377d649d5acb046146cee1bd30a621b0064612180799ddecf7196e60d0e

  • memory/920-410-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-414-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-404-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-405-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-0-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-411-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-412-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-394-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-415-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-416-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-417-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-418-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-419-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-420-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB

  • memory/920-421-0x0000000000400000-0x000000000054E000-memory.dmp

    Filesize

    1.3MB