Overview

overview

3

Static

static

3

15d37e004a...18.dll

windows7-x64

3

15d37e004a...18.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    27/06/2024, 11:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    15d37e004adfd97e5b14da12c297d0ce_JaffaCakes118.dll

  • Size

    17KB

  • MD5

    15d37e004adfd97e5b14da12c297d0ce

  • SHA1

    1d6bc4d04c575fe84c3b8fc0fbf0dbff68ac6461

  • SHA256

    5a6e1f82e36bfa7a2fc43361405842f782441892b0a4e717f2d84ffbd4ab4131

  • SHA512

    edbc7ab5b45897664aadf0d0121c40b9398564b81ab3eb3d753a14950cadbddbd3bd0fc9110a0153e33197529555accf05454dca76dd80cdde43356014d230ec

  • SSDEEP

    192:6/a0ok0hRYtYJyrAyaHgHUgoN8jYY8WE7:h0ov3cYJhyaHIjoN8M0E7

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 15 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\15d37e004adfd97e5b14da12c297d0ce_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\15d37e004adfd97e5b14da12c297d0ce_JaffaCakes118.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1740
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://snutz.us/
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1756
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2236

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f508924a906f25717cc6b26490de4a7e

          SHA1

          e22267569aad172b32d22c62d544e24b61b942d2

          SHA256

          939039d0abef106546bc75813b6a2e6c37129c668a06b4d2ca89e91212e20b8c

          SHA512

          76952436d197459601b10776eb4767687dca1b84c064ec9844476ad5a80e2b2149a8f90c55f7617e73c5c4f8aaa7968ca170d71d52b03f65bd6a824069dcc50e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1de48bc18d8f3c725a2e3f9f72e12799

          SHA1

          25df09183051fd180818f5a53192205f635b193d

          SHA256

          40eacda79934fac0c1bc96654a5df233ad933ae21cef5365726800c5905a1f20

          SHA512

          a20fa1dfa7b7e97513b2a0320d7f232aae62bbaa3dcfccbbdd54402b16fc384547c3a7ea5072302739af8fc9df9cd8bc7a1dd344f8c54244785a8033b81678f4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0b39fc8e62a284d26cb35971761ee5d2

          SHA1

          bb1fd5c9ae6c91f4f8dfc4b767afb9dbe2c4790c

          SHA256

          b11112f0d2d7e8790e8edf31d67d109c46e7d8ea1e4d98048dca1e260573f081

          SHA512

          606109633b0562d389bc72a4e382f69228cda24b03b2e66874bb13710a7d6ed8ab3717b977372b3943b70bda806dc97bf07bf963220b7a3bd901f71f1b1180a8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4fda16e4ad900470f09f27ce30452c50

          SHA1

          2453dadfa1c8fbc7496e25b777af7a01d29b1e5c

          SHA256

          cfcde3ba2685e6b448b6d19e26627df32458f3400330df1e96ced16ef8f2cebc

          SHA512

          31ae48e734c707cdf489df601ac2b4d0b76d70bf178966f1e1588c230568603d697939bcfce84435cad472d0d77dafd4fa23af3fa9377808501757ec401e0d24

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3ee079a1a9be01a1ffe480ad4db0f523

          SHA1

          09c49b9e7579ab2570054cee385abac3aa4707ca

          SHA256

          f275d2e96054287c579731c6667cd7c952570b40cbbfd1ca618fc77c3626370f

          SHA512

          7b4e8e90056bf39b6a1b23eb10a01f04dc48ca8d16e594fce369d19f870222edfdf01655242b5402e41b1db70a7ff1d1e63e2acf22c26e20d9b370777728e990

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          98099fb2ed737d8e7c8ab4106cea09a3

          SHA1

          e18b107d40bc4f27f575b5a98ecfb14e30977334

          SHA256

          7371c85ebef3f52b6671faece90bd3788e70f77fa93144147b27b9e1f5482405

          SHA512

          4dd4e3da20176d89c819d12838fc044c8f31a1710c52c4ddad56e0bd6e0d7fba9ae1ec3a299c74a6e055dbf875b75627d8dc0c7e9e9af23610f948815dc11073

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7d4a33bdad7953c9f6adc060ad437079

          SHA1

          1337df614d898edca6c1d8bac95eae231d14cb88

          SHA256

          05c7d482e4d5aa87d27d87417fab224a8e555873fe2ad43e3d5356d1e0184310

          SHA512

          84c6e308f1916c69bc70c78b5c0be5b53e90fabb564efde93f5964ded1dd56ccb0cc70969a181e92c00c47225e9e4a46f2f762fee62dd014e0ec20d75b7885f8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6c4554347b694b07ba4366ea2cdfca59

          SHA1

          f5fe02ab1f40dacf174d2fdd7ff196206e437d54

          SHA256

          1831d51690f894b8b41d715cef9fe7580693a356eca52b6403c05e7c7e28627d

          SHA512

          62c357d983305bed39445b4152a7357c4b6c2333322cd2e762a75d850f593f468915feb4b91001a8db8255c5cf5e282f298ac210c20ef7250679aa17b475a457

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7f75ba5f1baada2caa595b5aa26bafc3

          SHA1

          9adff5b40bb550225e63dd8c6cc405456dff0403

          SHA256

          4c6296be4b9717ca35d3a352f62ec6f6e83e27a3d76d22d7d4f06da5b0178ddb

          SHA512

          76caeb1ef80a7afb401f27091a308bbfdfed0aa7da52523feeb802df0d412302188355938a9e3d1e891a8da1d6fa27c0922958a4369f56464e2e37b1d2c194a7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0dbea58f3b67f65820fe01b5934e73b4

          SHA1

          6d4d7a27477c38ed982711163d83b52610aaa576

          SHA256

          8d57c698a5e6c28ee9b41a9fb2c9806b8c88cdb03cffb35a7dafceaaa2cccafc

          SHA512

          1b0651d9105ed05b505bd684cbbe0cbe133a51ad0321652b86a16226065de5691f48cc10b090c04d89ee8e2fc4d8bbb5731963aedc867355622280ddf6bc80bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f0f8d7a699576a7b74454e6f32a13a4b

          SHA1

          378e92a077e649b9a26e928c9ecc6d8e4cf4c7f2

          SHA256

          baa6db3c02cfe41dfa8debe640eda6259884aeffe3e174fb4ae3d75b8df760e1

          SHA512

          36959097367bf178c4a897694ce8ba6e2d8d0c53acbd1b83cf80ee9c0a8974592d4d9fe9c6470adfe8301f545f4ee821d5686b823e7a4cd9a8fd4b8d0006e4f4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          70d16f644ede71bb685134f33cc946ca

          SHA1

          fbdf7e2708d69cbc8f3b19f48d91e6a137d59d1e

          SHA256

          503b2309c4b5bc18b87f9b2427470dbf8a175426a7aecc1be0aaf65ccf45fe1c

          SHA512

          f7583f79047d932abf82a17fc2fa1e5b89369fd1d4b67e605377a5217ef10274378121e011efe2bf11f994e78d7aa02676ece6d541b47b355f3c510f487d49bf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          692b6d5c929a12b8228d92ddb693278c

          SHA1

          7a27fe0e82ce201ef463919c9ee801ba9a482c4f

          SHA256

          cbb660c71ebe72df23a27d84947892b8669ac5fe7adb3b02e3c4a0c6f4f6f655

          SHA512

          edbd0e17a1b1503b78f0517f794a693b9e2a32f086c0e03920531e3d7789e45b7b06828bfd032eb2ffca1ccddebabcf1c04b02126b04fdc26a6b2407b55d4a79

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          519785d8be20533ab72a844c18a40c8e

          SHA1

          b844099817d707a33ea934a3ca443c8248b9fd30

          SHA256

          77c4a12eb5ce7e6dc16e176c97dc063d027c38df9d82841975ed537e4ec5f73f

          SHA512

          ff9dd75d34db4810b817266920fc7b228210934ef008250435531eb1e5e4952f40af6dc1dbd82fef65a3f0fb28940dd078a2ee07dfeb739e00056b533981d8e3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f293f12a3f63e949b2c2b8dae5e8eb9f

          SHA1

          6313482b05c22ed88d64efaec65b7cfb53d8d6c4

          SHA256

          86cd7e5f1a73cfe2c569608943fd09d357ef02273ae72e4fe70105880b34ab39

          SHA512

          a6bcfd272e63e05f8030b1c377b582d8a1a9f4a71e0a46c8b98939be561acd3d385e9fe3dbed2f4ed88f6f826238d4a3445e1e7014642efbf4ae6d2959c7dba2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c8c54be24e3234794b041e491c0444e3

          SHA1

          31ede6c706d39b154e85d78ff7bc0a7f166855ce

          SHA256

          9fc982ebb0a65773783a65c6a68ad6eceeb78b2fff7fb7a2e264cf5880fc6d9f

          SHA512

          6e9efb6fc361ebbd165d3aefc7dd17cd2b728b2b4a58582855c93a8ca0fa3aa4b34465154d518910ec5173ba653951c19b24af343f01708c79b5e8673d3df631

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          813f4c749f63ac00e3ab43083732ffde

          SHA1

          cc44d875764f98062cdd0a4c7f4513b1e1e0fd8a

          SHA256

          793a9ac913fa7f36a787758e0ce4f85632598c35af04e64d618d0643552c13ea

          SHA512

          7966d1efe8cc9057423c87b5e0ab1e938692bdcaedd337ab2327b3e144ae09620e42372f4a7ab8d366c0f14cb5266be6f25a4bf6e577c7840705c9c3f6cdc176

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7ec2dccfc789e04b8949e034d7fe403f

          SHA1

          8702215c513b8112409afbf5c35735829d9a04b5

          SHA256

          2e9f578bf20cfa44e918f2f47570e8537559c75204a4750a1c004f9bd33c1ea4

          SHA512

          f9bbdf594c86d8681c87177e1020ec81dc2779bb10b5d270e1a45e9041901b0ff35c1866de61bc2390f94778329c2e0895e272d5dc532421333d5ae68257dcef

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fcd781c4a217694dd1a301eda39c2226

          SHA1

          81743cd6f5091ddb1c5e3dbce434e117cf4b07c9

          SHA256

          3549d5efbdaab4947c07d1f8789192acb636a1179748d2a7502523a1fc2ae8d8

          SHA512

          1f2c5b092e2f759aa783358a553aa116adcaa47bbb53cc9e4c23d57b541e037d6b1697752fda3c0d01b014ddcf99a6442bf482e409a64793d4b56ce0b65bbd4d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5fee3ed356e7a2db942b6c80125de12e

          SHA1

          b904427cad86d0426915b993b3a21300f81d3a87

          SHA256

          e7ac9a011943dbf7d3aac88e8cfa977b6e926df8486275e140a4f8f58b0e06ce

          SHA512

          6a50546da8077d56e1237b0a5efeb1297347574a884f7d45526fefa8665930981c061982c2dfc71c3cf0c3ec88efb1adf113d18ee5fd8fcca8373409bcf10a23

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab6AD5.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar6B85.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/1740-0-0x0000000061B40000-0x0000000061B47000-memory.dmp

          Filesize

          28KB

          Download