Overview

overview

7

Static

static

7

1a8fd552bf...18.exe

windows7-x64

1

1a8fd552bf...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/07/2024, 08:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1a8fd552bf75d8d4934b30711ea7a38f_JaffaCakes118.exe

  • Size

    1.1MB

  • MD5

    1a8fd552bf75d8d4934b30711ea7a38f

  • SHA1

    5d999fffeba23f51fbf26b8bd0bcf3f45bbd4230

  • SHA256

    ef64d6d97fbc044ce543537dfe9bdc319f8132238010d59b42b1d2c9783db4f2

  • SHA512

    001f5bfe6cf971b63f1c019cc86cd52290d10f0aa5f32dbe41b094ca6a8156d14fbfe062d1d3ce3600f13aab4b1161cd4f1c73236d21678fb726299ac1854784

  • SSDEEP

    24576:vZIfYChG6xl+UOj7pyLdqXKo3bpY/ZTCTWRM7k3fXEV:Cjn+9PpyBqaVhsfg3fXEV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware
  • Modifies registry class 39 IoCs
  • Suspicious use of FindShellTrayWindow 10 IoCs
  • Suspicious use of SendNotifyMessage 10 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1a8fd552bf75d8d4934b30711ea7a38f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1a8fd552bf75d8d4934b30711ea7a38f_JaffaCakes118.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4160
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4104 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4592

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\Common\config.ini
            Filesize

            32B

            MD5

            e06bb5c57db9afd791c81103eb74a57b

            SHA1

            861cb125f20008eca74483511dfbdffdec5776aa

            SHA256

            03fe3933c4be3d23d11c89dc53a99638fc0a75b0e3c9608adafda685f85af40d

            SHA512

            03e34a999e998f8d244815912939cca02865bb02de635f9f3cf170453e270c872448c3a16fde75a7b6b6aa2fa24d0c9a4c5e754e96fab54b7e7ee69a9116f7f7

            Download Submit

          • memory/4160-0-0x0000000002640000-0x0000000002641000-memory.dmp

            Filesize

            4KB

            Download

          • memory/4160-33-0x0000000000400000-0x0000000000799000-memory.dmp

            Filesize

            3.6MB

            Download

          • memory/4160-34-0x0000000000400000-0x0000000000799000-memory.dmp

            Filesize

            3.6MB

            Download

          • memory/4160-35-0x0000000002640000-0x0000000002641000-memory.dmp

            Filesize

            4KB

            Download