Overview

overview

7

Static

static

7

0d826b67cd...18.exe

windows7-x64

7

0d826b67cd...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 09:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0d826b67cd29f6c9990a3d5466bb8e1a_JaffaCakes118.exe

  • Size

    17KB

  • MD5

    0d826b67cd29f6c9990a3d5466bb8e1a

  • SHA1

    56c363abfd9692efe1004da001286d4193e4f5e0

  • SHA256

    0f00f7e866776b7c585d3f71716a9ffeabd529b5bb8a2708ca1d2566b6f51219

  • SHA512

    1bf84fe0c70a24c0e88562987f2be3392d8716b2d6a38ec3a90c7846aa3606132f7e22fc17f81aac68d487b8b00568e593152ab9a7edba1dd5334dfd33447d7c

  • SSDEEP

    192:H68xrsKGIpLFqUQCKAzpZTPR60hNhbfaJL/ITKC1fer9ZCspE+TMwrRmK+vhOr72:HnxRhxeCdC+bfaJLk71f3eM4mC2

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d826b67cd29f6c9990a3d5466bb8e1a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0d826b67cd29f6c9990a3d5466bb8e1a_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1248
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=433
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2036
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2036 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2172

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          338edc08e9b65810601f03f479135089

          SHA1

          026899de3e9530ded447565fb0359c73d20502bf

          SHA256

          e4237036f2fdbe00df5dd8f8bf968de6ca68a8b9cc138aba658887a406bb7e0b

          SHA512

          d67293ef8de8b000fbb46f9a8724022304341b499b40236249d61aa4982b3a0bb4f4314eecc1dfe63f199698848584bb9fa2876e98910d3f53583c725212a69a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e4f3aa3cc238b8cc562f957429e5e1eb

          SHA1

          645445cd1f690c2de62ce01b52eb7bf0107ca1d3

          SHA256

          3aa8038d934d0c7b836cfeb89211796b030aac1ab8b5c21e7f4a176954f74cb9

          SHA512

          38e0c136a416774bf02c8cdd9562f3f393316fe8e38d3e851c193b03cd24ad3e45e7580b73ecc7df456d42f5fc487573218f378050fc0a8456f1660094df6b68

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          afabbd0bab8ac857bbdb689d2101dc70

          SHA1

          10fc5e6ba24c05f0e4e15c3fc8795c4a85600846

          SHA256

          38821aaedd544fce2d9a04e306d6841cf8acf088fd832715063f6a78d8cb6da2

          SHA512

          d4722dfd0b229d7febb42267c999cbee18d8260fca1ad18c3da2b2e9830fade3c9f07b4a80b21b6b7189c4d255170d0f01120f0a10d5749552f427d7be2ff2e8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e1d498398a61f4e51940b9707ca5c29c

          SHA1

          989cf4657269dc7b12dbc636c385d7a77bc50e68

          SHA256

          c69b5072b53b3af03f73b944e6d8c59f54dab58dc0ff183d6ab837e1bac9bb92

          SHA512

          47da29eef956942d8b6ea378f1ef4cf2f6abca4f7e0ff95ac67a90ce83970bf47496edefcd56a508628e4368cfcdd1b3a4b227c2c8792e99ccc7bf477237a950

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          62240dc599692f0ec55dffdbe9e545a0

          SHA1

          545e23fdd16a839c26f6eeda6b7a9ba4af5dce41

          SHA256

          b1c4ae2c5de4e6e43537a6a887dd310b8782523d524033e59d0a57cf0ce6f31f

          SHA512

          b52d1dfb8c43831b2db264bc9e9fcfcd6e773ace628a7b20550328f31318e02d235c483463d4f7f8323947328ed23d322afb34b01bbb32679fab0c1bc5a4235e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          000d7820ce39278239ffc19c3abdfe2f

          SHA1

          5890085dd15fe82a2278881855c1685c434fbfe7

          SHA256

          20a102be3b0c5db58cdb85d17a11e2e600da53bc4ddf2aa47e7a2948fc77a1d9

          SHA512

          6af3c2eb4e026a345de58717fb3ba7f7ac473c9007912f165894ef3fa078e083b475996326d4e407d70e808f14c1ccb7156d5940b22a67526ec107ad31b7d163

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9e411d457accbbdb70fe24841b3407dd

          SHA1

          f5eba73fdb6c46e8bb65ae6c53a487e8c45592c7

          SHA256

          d7df4c38c20d231f4695f7c3838f4cf78c6890464b79f1946ff634077f5693b7

          SHA512

          51a23a28d4cae133fea67a49cd2ab192812bf79b9f566ffdb891d2ffd185c042cdf57f0f7247421f7c43dc2e3b9563c4325f00e1648fb7dd7b9ea0c5c159a609

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8a218fa0155f3bc41cd9768437f90fb5

          SHA1

          5f75c4178371833e663baa307e8c8c95485c7b27

          SHA256

          c0145537ed38eb8c8ca83aa86b613d411663152649fb2344dde2b76fe37b10d3

          SHA512

          64d61814e8857fdb3e8e0a6b9315afd193d4f4a882183540c7c8ddaafba3f29bf0a5f74c78c52080afe12dbbe6f6d602c20cd924c29641f33feef7c5c4e2d197

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b87e1ae7154ffb2b3c05b30e9e2bba17

          SHA1

          eb947e732644e195549360cfc963750602b3931b

          SHA256

          a197bf1c328fe418a613d82f9c4741bdcb30f365ee6e19ca2eac1f4b554a03ff

          SHA512

          0e80dea6399965791a08474b844167e2b2b64ebf66d39d8c222edcefb503267244ca237b364bf7d796a8976fc32cd2671590b01b1b9b6c267f267d83d6c33c21

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ac9bcf8aefc1763afeefb8ddf3b3692d

          SHA1

          c0733ea7f576f0449fe4599fa12b71335bf34fbf

          SHA256

          4b8025ed425ef985e6d0d9f84eb1b7598752c37d186a566cfeda03cea5c8f458

          SHA512

          3bb1c191ab86f47ee289f3b1ce8840c2d26ba739410e7dcfc1f320ec4f293061e7d74a066bf022089430b1747dabb2c14846202ab26212ea4d10951a689385ed

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1ae0857a269ba35ef648729eeaa240d9

          SHA1

          4c58da675a03ba0fd5786315e0a9b26995a6460c

          SHA256

          965df1c76a1f514f5e9d18c508e374691c625b3c81387a8b883b4c688325f0dc

          SHA512

          0d19c142f549f6f72048f2baa50e337f23e44b20db64bb3d1328650809376a562d5ba2492922795a47a8553e2b8ec3060374efa6210c1195b4a71dbd6c9fdd6f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c53e910364734a6462364723bdfe77d5

          SHA1

          4999402aa17075176e4b4e9d4287bb5e5324a6ef

          SHA256

          b51dfcb42147e1924196b3571a165974720f1ccb1d56a758c14cf66696e028bf

          SHA512

          530743791319f351bf0d33ce1b1f7cd7c65e968fef8bc005b32bf03cbce4748e6e881f5d1bc0d48dee4dd1fcd756c2285c4848d2f1397a34f15d47239bab49c5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3861f0d85e79e5eec9f76d960129606c

          SHA1

          42bd4ff91c2c814dcbe5db6a4871ab586355f1b5

          SHA256

          6009d4cf4ce6993b9ddae99b53872213ae1f32f835c18a744141b801742b90d2

          SHA512

          6367be543ccc7066ba9248452b9a98d3951f02063f27f1e6881cad8eada2371914a91fbf026f2e2a95a98450a81d366fd98a08895214ea0a331678b60492277e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a360b83680b661019fe9936bbcb1d538

          SHA1

          cd11cf1d8ec223bd125e631c1afaf4806b6c8e40

          SHA256

          c803d185e8aba90bc25ea4a705a7a81c9273fc2f2bfe8612c7c7ed0d46c99ad1

          SHA512

          7675f587c4abd8c7971db64f6614c9c3a041b93918a7661cf91d328c91e86ae3d281cf69e60309a7c95bae97af9a59bd7ac75aad461b08e3ad15b23a26cb5e32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          de1b97dd3882cf186d2832167e3b3ad2

          SHA1

          a11e3f80df6cfe1d65ac7a829b45390d408c6da7

          SHA256

          61aceca87cf539359c48b533b50ae00ecc4846937ddd988b9c6b4ff86e58aade

          SHA512

          4650d9b285330adbb1107d2970c1915b7e0e709fb802892114beda95544ad609e84cb2cd76f8173a52a31520d4072a62cdff25140733a9300eb4b6209a788099

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          060127699cbf453101ebe099bf0fdfcc

          SHA1

          c91d187f720ebcea97f00a234d9e0cc790347e90

          SHA256

          feed530e1509327a3f8dae564180652f94d9310815b6488c4c9eb195f9f3988a

          SHA512

          cb7ee433bc72241b51cf57d4497b289a368524e76e84a1904348b3873de28766ca28742aa89ec5c1e72b6d761e42ca443a9ea2f3d7bb1e55eed733b812142e26

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b3f5aaf019b635f11b69beee53364e8a

          SHA1

          4f0e54b6a6d890e781ca31d4226de1a476538309

          SHA256

          9a5de588e21284bc3dc49ad4440c93609be957df0ccd37162472beceeee88b70

          SHA512

          1845edf55bfedf0bc8d9543b8b1582149ad1346116274c1a710655aefd5485645c6e232e5ff7017799a41abf00c04cde9c3f3a533ad5b8d80d2058418541c23d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6b6325cb70f1ab9604c8d18c04280539

          SHA1

          25c5672c08efba48297e123d1ce4cca3767537d4

          SHA256

          f72c851710caf83fd5f59f0fbea9006e7985529abb7ae4a30bf97fc35dad76db

          SHA512

          543459920edaa6de12a9b46c7ee1d3029db9a2b49c288fb238b6124394a1c6d6ea8bb81ee10cafac60e37ea26f49a1bd8cd6bdc7c1d80064a2f2723778f79a6a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          298ca8e826a7e8d5869ffe81cad1465d

          SHA1

          90e6dbbcc46109a6badb5656f3a48cf6b4c2acd9

          SHA256

          3ec1d6072198dadb87cddefb26de629b97173256befc1eb889208b366e3405a1

          SHA512

          94a53790f12921ab678a2cc921d2eacd70fc43c4571af5ac7521342ecbfa0d4938a4f03a14d739dc19fa30d54e35b1998e3deead32d2a260fcfc719bdf78f4a9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab324A.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar32F8.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/1248-2-0x0000000000400000-0x000000000040B000-memory.dmp

          Filesize

          44KB

          Download

        • memory/1248-0-0x0000000000400000-0x000000000040B000-memory.dmp

          Filesize

          44KB

          Download