Overview

overview

8

Static

static

3

27c2dda3fb...18.exe

windows7-x64

8

27c2dda3fb...18.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    06-07-2024 07:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27c2dda3fbc6d7c6902b7fbb50f920a0_JaffaCakes118.exe

  • Size

    152KB

  • MD5

    27c2dda3fbc6d7c6902b7fbb50f920a0

  • SHA1

    9f53f5113031a47a8e1deba81fc0824469d79575

  • SHA256

    f38e0bf86d7e0d23c4c5eaa01e136eca6ab04f2e6e961db02ae7e4964c00cb49

  • SHA512

    6d30fa6eddfd86ec6480a654c8624d1c4e2687c8c706f9078ea7f1f153c7fe5359249ce6fec566ddccb18d92ddeb3cebd7c9faa8538730f9c68b7b7dafa06f94

  • SSDEEP

    1536:/Be8A9/0Z8Cxca3Vo5TijFW5RD2UFUZP8mNXhaVkCv+T/saCxjciB7F7ezSKF4Ls:ZAuE7jv3r/LkYUYECs7FClmR1Hl

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27c2dda3fbc6d7c6902b7fbb50f920a0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\27c2dda3fbc6d7c6902b7fbb50f920a0_JaffaCakes118.exe"
    1⤵
    • Drops file in Drivers directory
    • Suspicious use of SetWindowsHookEx
    PID:1660
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1032 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87505a33856526d337e5aa3d72190a55

    SHA1

    65853ff701600b8890a607f8b4effc1bdcc1e587

    SHA256

    16bf1eba69b6ecaecc40fa7000cf6229f6de083ed0e2f42e90bff80441f0cf61

    SHA512

    f2f780078a577723c1d6ce4855e3269e60efd314fb26d111015d4da907fa3267a946c2960c7309318231c5423386934273187e53c4f8b158347e2374f187f1ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8630e33ea4011409292b2a43477bc6d8

    SHA1

    27cd68cccfbfa7bd181995b7615fe6426fdf9597

    SHA256

    9d4f0874465927f0c3375daadc27e692d67cd6612a7c6523b38cfa1013229291

    SHA512

    b97328bfcf62767cdd87af97407ac0f04fb11878799744ad6fe0e92483827391f5d1b4c993a147e89fb13c0eab3474d935b2bc532281f97c0f7faf705502e5ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b944d1c96e17f6c6b1b7728b96f2be5

    SHA1

    449a55aae4b8618ae818bd2e5f25d84c8e5255fc

    SHA256

    97c55aceaea0ec9c7a976e4241d72422b8ed1159ff5ce7e28daaf81edec8e273

    SHA512

    802b572714c9fb2d9896bf2244df1b7fb8a102f76efca91eb3376270c2992bcf161b2c4e24e72cfbbe4beeb9ac8bbb3c8ef7b8164a84a7bba892d61659e6021d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abe9aa0f5470869fae91e5a669f04ca7

    SHA1

    03de29c521887a40aef6b776725741446e71f458

    SHA256

    446a300d7dab42643cdff2e0063216445a83d2926c040da401466b98b6e30b78

    SHA512

    c610c8776c9f7605ce399771f29308d88bea935333bd24cf8e0649ee411e7e13a58c7bb290e97b13edfdc56372e2a5986bd9da05c8e00b389b7101603af3d47c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7df7c21c0dcb8a88ce4e5ad85d6655c9

    SHA1

    12c3a075acabce6f6c281a7916ed1d5656ff4efd

    SHA256

    ebdf1aa3ac3da189f69f28f6cdd44f3de533f7bc334bd20f9f8622c636fb9c97

    SHA512

    15d41804f771d612bd636534870b27fdce62be8cfc82c80cd9f45997514be3e9dd8f98a57fcb5a523b8958ef67b80a8b488e7345fea34597815c4535f103c28f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    195fdec0d60ae03ce96635b0dd14138e

    SHA1

    ca29a316048f48df8cc92a465d2e010071bcd97a

    SHA256

    396de65480927204f2cdaa53a61902e4ee0be9ab3b2b82ffe0bb4881972dc260

    SHA512

    c3707697842937bf300290eb446e3a4a41b00484bbe0d208bbee69e11724a2212864a9cd56a32bcce5f388499f1612b3341977862a901f2ae3031fd8db80757d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dfba838c4e32b31eca27b3b3bd79d2f

    SHA1

    e8fb117c25c784170932800a20a882ca70857035

    SHA256

    ce3501130557a9f16c0bcdf5c51ce0732e6bbf35bbef29d1f003499cef376f23

    SHA512

    f7cb9acd3ff2cb736130118e282ba9041574dc1d74d308e1e3cb19c3cc8af4f28d3749d08fefafc4fae9a77160744665cc1b3eaeeb8b4b4ef63ca5910f86aa73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64ca9d141931797eee6dc1d46a7901c0

    SHA1

    6e9457a23131e6b56457f37a923de316ac645e9c

    SHA256

    9ac8caf48c1bb3065af81b55881ae1a5b4525aba1b81998a577046fc96d1aade

    SHA512

    d1de12ced5c68afc9688fd5cd0d5f949cc58848c39e90c18176a15f98f457c0fa958cb66473bad4fa7677971257ade504d909382a505299aa509e1501c4ca8a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b355a9d6bd23a923578ab391439b1c2

    SHA1

    f7319398ea089f333ba23e8ff2224c60f69b0d07

    SHA256

    f9159a7fccda306e60042ef16382d959ce553169b37c18d7518f97a68a0d1e06

    SHA512

    dd7db82f5044bd2070ca5742d6c787f2da04a2175fba2dbff6ea37ae31af8ccc5d1f1144e491c4d4fba7acf9e29da473a8aeb708033a2c1e64071280b67f92d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ade9bed41ed9f54fdc451f8952b788c8

    SHA1

    86fb948c38cf183677e4febd538b6ebfc468ab99

    SHA256

    f0e19ca0c812f3a12bd51f658f135f8601640a7be5c25cb7d3b2b7179baf85a8

    SHA512

    688732008b57e6fb92e64513d1670719fcc55121cc20383c980451664ae88c8df93d5affd8cc0bafd7e29a09eb51e2c47378380f27b7ca6a34d2de4c73540380

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a95fd7d892dc92c4a7670f78421dd877

    SHA1

    8b34e4712c1b28e37a7ca36b721807fc0eaf74fe

    SHA256

    344834f955a67d471d82320e50c3545eef365efd644eaa282eeb05d0db595ece

    SHA512

    97773631f35d312b072b216b40ecb183426b45154430797391cd3b2bb6bcbb8a3090598b41fc3526ab8a03a2d5b238c0e99fb7a14c23c15d4e6ab1914e827553

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0d85cd450593be57a12b6f20d82858e

    SHA1

    9dea411eb953614373dce9482ddcd1dbbf0b6549

    SHA256

    03a4344a9638088c7b689906c3345b5fb69742854bdcfd01f4de1f135497c1ac

    SHA512

    4c98cdce73d122f0a514df725a323f25a4da5eb93ef488d05b561f9510206370120cdd1c162ce520c237f5798b2781c88a780d2b860ee60ef2f0c57f3fe7ca7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e15065a98dc9463cb74f9cafbe133abe

    SHA1

    0ba7b3e88badac04cb6fb3765bd88c728b918009

    SHA256

    cb2f8fc10ef30311977633e2f69288c812e49f0c01f99a86363986013556ba54

    SHA512

    22642295ce6181f02617bd2d5c5777da04ebe7187a72824ce3b37b849bc22a4c7b1d618c3f583c658f825dcb5ebdfe38410ab6395282f5ab317e32c88b4bff8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd0cb09a8fa86b49f90d569116d83a20

    SHA1

    4a75ab4f9d67a841cf02a05eb8cb4aa9fa0f56d5

    SHA256

    9ccca6a1e328d4540f8df4b13f7a18e642dfa82a6e734c58ae38124950837348

    SHA512

    f5cc2960c300f47e48d5b28b47294edea2e090b8279fb577340b16f05f70c666c5ec29c23b19cdef290a7b63fad865fce5d126b9d4e99724188e17ae3f4d7ab5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33df2affd194de2d18635a3d04839931

    SHA1

    21ef2c28b7a64214e45802af3463bc0d21de0f72

    SHA256

    8a251e4920bce43b17884a9988faf44c46161afd4c7c7d555118dd783580595f

    SHA512

    29685c97ba7f9e142256f1ca5100d07163a4877e01ac9ea84b8115374b355f94ec1a90f80b0aba6f9d0b39f501bf58cc2b324f7ca2c5862f77b8fc2ed30d2903

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2b2a1d73722c5759f6d10e3775a345a

    SHA1

    29059c090d7bb6f76d102ec23fbfac2791121e44

    SHA256

    d589d3d684faf081991609dd00a5fb79691b4317c4f9740d7cead553e424d3d0

    SHA512

    d7986dc7f788b3e9e3672fb4b92298914a52611f70fb2ebc11bd26602229656caf44a05035230ba66f8195c1555dd2bd704962ff9125ae2d4cf6dcc414c3628f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ee82636d2e717d6e624353492503a96

    SHA1

    ca590409c82de0cfbee9dbc50b7dbb2659bd57c0

    SHA256

    89ae1d3b2d11479cea69246c5b20123feefa8caf964af6ebae856d940efadcc4

    SHA512

    40419a5a194e00638ce4666e1434b16b18f9a39fafe6d8dd928c09b031d9a37070253661e10d1cb82fd4ad9b95be4924ff4a12d42f0e995b825e789509c8347b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49223eba3fb10848da9844b189c27598

    SHA1

    ed54efdf17cc0e3fe3bd68b724faf58298e6d40f

    SHA256

    87009171f0543cd94eecbda4d08910dafeb6c343b858093edb7c4104d1fc83ff

    SHA512

    d1479c3e6d3a6519ed0d0d280edec3aa4d2f76b727a202cd54a9ce84c50fa4aa00f3b5d59a33de01b8df9f24ef126689b71b79ed41a0a5df9fe17be3de0f0f25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33a01fd9bef82da83ba1402dd4c921c5

    SHA1

    216e43c5b47c0f7498f243f2238c44d54cabd0d1

    SHA256

    1dd3b1f38fbc7027072e9b78ef71da0932df966d41b9a1c4e018771e02ebdb28

    SHA512

    ee0dd7947eff5b02e27e32aeb87b6409870de03ee288abec42853e8705f706310372e921d3e5c5697902390d04a48455f288ee21dfd5bb2fc0ca1bd3e9f64e5d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDB45.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDBE4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit