Overview

overview

4

Static

static

3

0d23ebb139...18.exe

windows7-x64

4

0d23ebb139...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-06-2024 07:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0d23ebb139e4fa787a6c816ee433514d_JaffaCakes118.exe

  • Size

    414KB

  • MD5

    0d23ebb139e4fa787a6c816ee433514d

  • SHA1

    d7b38948943f0b03f2111a54e650ae4d683e3183

  • SHA256

    bb643fa4d450da956d9724436b42eeb094e6da6d2781b2c572031297ea5c31c2

  • SHA512

    26921dc07c6564a860f7922f0a0ab97d7c86f996ef73439d24b5ed6d43ff425a0e485e791c92568d4afb4d44faa4894b1fd3642ba9b65da4d1e4213d91f17faf

  • SSDEEP

    6144:m/GzBKRBM7s3mRr+ol8B55sc+IDpKo/AAODMQ7Mp4ZlJAKEI/q5Dj83WIF:LbwWRS5sc+ID9NODMQ7XJAK4gWIF

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d23ebb139e4fa787a6c816ee433514d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0d23ebb139e4fa787a6c816ee433514d_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:4416

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\index.html
    Filesize

    7KB

    MD5

    07c3751a16e6a93dba7a1f88db56fde8

    SHA1

    3e53fe84cf5f3dd8fdca3bd878a4d5cd38da611b

    SHA256

    b41e359b029ce130484469e8b8f53e36939ac4e765b033c39fc0e16d1c1fb56d

    SHA512

    2553482f199602c1fcb69d5df4d0d9c04f25f2bd9d63b40d98112d866cd56e60d6c39a7244bcf33307adb61637f27ded8f3386361921f3911f86b0d1e12daf1b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\style.css
    Filesize

    2KB

    MD5

    d07c418be56a76cab52160596f51c5e9

    SHA1

    1845b428e288e833d406fd24c4e9be44ed130e00

    SHA256

    8863ecc303c7419247687e767a071f5cfc2ac4223f5c5fa2be344ec2a329ac01

    SHA512

    3a6ec4c079faf467ffe992ab64e60abe062f76c4ba797df16e760dc1d604fbe4cbd4f2e8b8096c9e439bce81ff1c5c9dcef3ef4fbafcefe22cbac8d5ceddcd8a

    Download Submit

  • C:\Windows\system.ini
    Filesize

    276B

    MD5

    977cd2095a39681991a63f6e377584a0

    SHA1

    d6d04fe39318629483e230f7e7c8fc89835258dc

    SHA256

    3f1dfc3a566d4d2ad64b594058867e739edcaf6378ebb4a4d96e8692d32dc143

    SHA512

    d107401c41de9df6c6c1594b78155add3e8b9e0da4d4baf037378d56cdc3bca437627ca541076cc468bf9875455f08fc4f12ad83a830fe091c02c378e5248cbf

    Download Submit

  • C:\Windows\win.ini
    Filesize

    182B

    MD5

    a7522bcd224e5353ad437e14856a8b79

    SHA1

    88a676ae5a9b24bac94c6070019de1341a929831

    SHA256

    81195ee687d2ee839fb570f7a7fbfe065842d9a4cbd6e2b8f30b4582e50a81d8

    SHA512

    62e65807938753d92c6d2259983be2ff6af3f694c73056e4f75be66f8685efdb8d98ea5d2473720eddf7de3c2cb264cf2bbe845e599df64dc966e4f815de7b48

    Download Submit