Overview

overview

3

Static

static

3

240b9efdd8...18.exe

windows7-x64

1

240b9efdd8...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2024 00:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    240b9efdd829ea3a61c53f0cf62ba724_JaffaCakes118.exe

  • Size

    24KB

  • MD5

    240b9efdd829ea3a61c53f0cf62ba724

  • SHA1

    cb0f0059da561b3c28f259be76ca3f860876d52a

  • SHA256

    131b328c6978463deadb2fd9b377a96e131332a32794c9580a52fb31276b1a44

  • SHA512

    a9a8869bf536bc7b4a2ca6a2e8d0d2561e36ea5ebf927895b2c5a91d84cb2145d7894ac7119fdf5ee6c79a7f399f527058a867feeb4058778d5b222949990eb5

  • SSDEEP

    384:fTYwY+LQEU4ZZE4zXXaVQArMhBDVofo1Z:Z+EU4ZZB7XagPJyy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\240b9efdd829ea3a61c53f0cf62ba724_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\240b9efdd829ea3a61c53f0cf62ba724_JaffaCakes118.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2808
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74365e3ebcac740211cfa89416146388

    SHA1

    64447910cce18576f43659dfd22282c24d5a4a89

    SHA256

    a724045bfa3a15d0e35f8e1be30cc3166a8d398267b93a8cffda05b734c13604

    SHA512

    f302fe6eca04b973821dacd157c698fcf413a7877655dc20ba7af5af96abc81bb45b0097e9ad3e44989a7895c06728f93248acf3eb0e161434a0cb3bc5905e4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00f1acee47c777bf98155f02df4798f2

    SHA1

    a6cf69d29caacfc62a75ede5274430f939199941

    SHA256

    ff2e09b6d07305038851d103f0431ed6819b7aee33da3289ee80eef9fd47711d

    SHA512

    9d67d440fff72c80e69e555421addc5e99383c9e636bce23f6195fd1955913a31ce4c7f13b79c7ddd58eac05acec13991cdd2e299432f8ac1951b06c6b6ce75c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    796254a286a675468fab400e592f17d6

    SHA1

    84834af9f57bee21ae540493e2ddc62ee7f05f7a

    SHA256

    35d023ae22e1060bb83c08a10387d0a5946acf32b027a47e2aa8db728ba74d1f

    SHA512

    6380ee662a7b531fe8ddf110b68983d6451adc9d43344f5d401b98746c0185e18d968f5a152a2745a5ece3f09a45ed6e50ae995bfd479833bb40ba26c07472c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    307159e3cafb7b1e51229a76ccd5f49e

    SHA1

    66f52f968b7c905d4d045a42062e99bf94cf44d0

    SHA256

    3ceecdd97a2f447f8abed9da77c761ffd82c1ebbc7ce13e57bf66e9484446aa6

    SHA512

    a26f43a1e26065c72c6007ca71a5feb0b7de9f7e51e91995a313f4b924f5bc0359d42e6bb17162ed37d732351706d0171f1a3da5566bebe9e9906068d64c4512

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    150af3e4bba50988827472fb0cc81f23

    SHA1

    488735498e08c6bbfce09c4f549869c993432225

    SHA256

    619572896ef41e9c62a8fb8db54a49563b01109339809fc54bf2c7b3f5f3a8bf

    SHA512

    843fffcca3b56e33f4700aa0e04e93683222759efd2bdde9e967a4291b022de9aee6dddb9b861b043cd6849c92003a47c1e3be62ebbe69294d8d143b5281586f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6b69cdb009bc49cb3bfc4cd4d04d79e

    SHA1

    6b880f924b01df9c482db890d200fc5ebc2fddb5

    SHA256

    2eed36574a2a5f43d76f36e71016b03da27c0eb715d5f3b0759db3bfd9f980df

    SHA512

    7a9e8ba30dd43b1e8e3fd82b15655841dc2ab58ca31dfcd990202dd80fe3209b2b777a288d0876018bafebd1c78fede3275ce247d720c76ba5fae110623fe206

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29c3a1268cab41ea19cf84ec46961e0c

    SHA1

    078af3bce640336c5c265659b82e511491b3fb3b

    SHA256

    61e9bbbe0b0dfd1789211919930a1e5c0f24ef95b0a6ed891058de735ab0954c

    SHA512

    61706a101944860a95d29c2d3e7b3ad2677ea9330927cdeeea3d117f3b38d20488d6621ab344a58c7522ab31faa1add030639f8f6e3d1228e9147704a2e1852b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b91d9184964340bf0b196184c1459bb1

    SHA1

    7e562a3991cd16d6f3219cd36998ac4d07d76eb0

    SHA256

    434aeec5c4c54b9c81bdc5a8d7ceab4ac2fcf75bdcf480bd6f685ce885ff3bb6

    SHA512

    c6f0d13af2dad132d8eb4737056e16c00e5543e544b964f7787176b549804f3209cb1df02eff6a0fa64cce5b84a3f6a1611fbc48d2c27511c4cfda6c847ed326

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7068df74bf1ee913f653435ce604d10e

    SHA1

    7b52cb3a01de77ba04b61b560a8f2e33da689d91

    SHA256

    408932599144b36443c297234263731f1056346f2188b77df6ff570e4d67d2f5

    SHA512

    e50b3a375038248e939b73bd0886280fa6b6ce7ba8ac7a574ff5b071a1686c3942ab36f4cc1a1b9f875da74439b813b6f1a77d90e9d33b535948fa7083596ade

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab14D9.tmp
    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar15BB.tmp
    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b

    Download Submit

  • memory/2808-2-0x00000000002F0000-0x00000000002F2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2808-6-0x0000000003DE0000-0x00000000041F2000-memory.dmp

    Filesize

    4.1MB

    Download