Overview

overview

3

Static

static

3

284c16ace3...18.exe

windows7-x64

3

284c16ace3...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2024, 10:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    284c16ace3914c62dfcb388aed05d39b_JaffaCakes118.exe

  • Size

    361KB

  • MD5

    284c16ace3914c62dfcb388aed05d39b

  • SHA1

    60226d742ec5e8a344618e0ca520fbd013cdae2d

  • SHA256

    76bba245e18002fbb71219f6a7e81f8ef3d7489e2b58fb5359538a818ac9844d

  • SHA512

    34783b40f2447d4e808d9c61bd9178293909f94e481c68dd0ac0e1478e3d0c2ff5c88f64f2e77405a910cd88294f23f3b7794c4d8a7eb9bf945e888c2d9cda7f

  • SSDEEP

    6144:88I6FUzk1lvxQUdHx+Ywbzm6TR4bJNN4lF8uy2XYtBufJsjf+h/H2sPl:66yzkTxQwxVs+bJNqXYXkJsj2hesd

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\284c16ace3914c62dfcb388aed05d39b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\284c16ace3914c62dfcb388aed05d39b_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2936
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.orkut.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2236
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1940

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          78db67f018a1d958b0796549be45fb21

          SHA1

          708a217a97002203c37714c3d1c2a708fae2c185

          SHA256

          4eb3b986ad8a7e696eb4e5d1b749a5b3cdae5ef5665a8df9235844fa4b8dcd85

          SHA512

          053f309aa81320e2170a6ccfa4114a041ff2b5866b04a29d27202c988038057e67069c290c41bc2149e5ac77ee011b810d5a1aba80ec7b7609b5a5832ec181c2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          00ae1797719f68b05ef402680afc88d2

          SHA1

          7725bedcdf705d6d1a40adfdaab326e42b1faeb5

          SHA256

          7d29467fbed4bcc2d509669be5c3c7875cd98d6a1d134b81e14a070c859d832a

          SHA512

          64a1bb53c6298a89914236bb60cc86fef7ab99b8f8382116f2e1c2812d837dc5d22ca11a6f1c4abb4f9626500db4fbcc03ee4d052ea4ec1104ddc425950c54b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2db5721454c2d5ed75bde4a330e0e1aa

          SHA1

          0b8a60834c1f593698259156e8cb3a5750014f89

          SHA256

          b6cb34f669d7fbcb93025d327d851fe4dfbcd0a8208fcda877ba8f659b8cac02

          SHA512

          da3423db58b0e048145c3837a0607353a2690929fef9e512d38f26e40e54b76edb60f78607f7b10dfd51eb7c73c42d950ad02d557189de23fed21302738f280c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d10387f409aacb27326220f418f5550f

          SHA1

          f6d41aecd526a97561ab254a8bba35ce5c08ae12

          SHA256

          f501c5a40c87635c3fdc812b29d62460ce438b02237978f3da1ed9d4faf40f0b

          SHA512

          193091a8367a7c412bbd5034b7309a3fd9316955a52adaee5bd2d19316a4f4373c4d03968c39536b4591c88c49e8bd1a1f047c08f2d6954595cdf9aa59337d74

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          936e6474ddd8704708085605aa3c3daa

          SHA1

          a58e14bd0e83b12e9d4eb5ca643bf87669e542ff

          SHA256

          fc6c8c9932ddbf77027eca81f9406794038f5ce9f037a5560e266fbe57fc18b7

          SHA512

          08fc37ac57f7746d9037afdcf54bdd9b5bd977046ab91fa6c558e3a438d716148b0ee35575ebf1aafb5e327f3a695e31fb0d51b0fff4c200f590204e7f9c7fb4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fc7beb417a3367f952d4359f0cbc8d67

          SHA1

          11b48249c2071ddfba8dd5071f747a65bebd6ec3

          SHA256

          f4e650f31dafa26c3535259be83bd9c838d97ac2368ad22084df8c0ee2b4edb5

          SHA512

          c0ee878286538c3568913fbc27aab0dd8b76951f3153fd4c3d903447ee8ec3f5103d0d90a1ab77ba758fed54852a3c98c2b94e14745a5b4e8ba81bde9bf66790

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          62e0c8d0d9e6c6fdb5f7b4c707a6a5d7

          SHA1

          87cc9f782f3edf188b1196fe934fa74526ba686c

          SHA256

          b2d9a5ad33d511951a61c758f43fcfe30934e7c96d18e3fdf132d946d25a4747

          SHA512

          4f3ff0d2afe94054fac63379a9d83d75f132b9c5dabdb17c71e9d50f77ca8b8d5d7f94ffd3648171bd9f82768f29c656a393a4f16732b1c90a3e1ba075250bf7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fd5e95c5b12dde1974ff9228eddf70b2

          SHA1

          076ec4f4888242415451e150598277a54b244732

          SHA256

          78a00294e624e9a7c56421233b83cd945b92bf867ef5ebfca70a224b9f6e5c4f

          SHA512

          c42f89ed003d638e4b4968d60cbc45543747026e7836d0f350f6ebe865d576c048b6c02ab9a4de9b6be3e90451127a7a526e6e4b85103127c457fef3e58ba2f9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          083d42cb9e033a8d82e5b183c0819000

          SHA1

          bdad0e273daaaf70b5979d737c61a848ec2d3e8d

          SHA256

          07581a535f6b432a409b959ed6236105dc8bb49b7ec2a3920f684e12fab37564

          SHA512

          132820467a92fe94b683d0ca69ea18b247c692c64b8753d281349402478024a710a4080abb2e415cba6322ee9eeb0ad8b78730318331c7fd5cb8395e12d0022a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5e92bec803f947adace0451497a92d72

          SHA1

          7e3661abf68c6cb2a1adda0dc5e91ae96fff75ee

          SHA256

          5480b9bdf54e11ca610bdaa1f2387a91cb02f873fc15e16ee09c37d775429a3c

          SHA512

          e091bf7bf4672e249060ba97f2f14167cbc1c677e13e1f2b6d523a12cb8f2ed5b40c3ef2338c57557c2ce98a3f2e35ca7056251136323a3aaab5b98a4d5a1929

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cd4d0a44a929c87489ceeb5f1ab2fa13

          SHA1

          f9d9d530cd4e73a192329399f15e70fbf9eced2b

          SHA256

          a10cdd9a3ee0d26e4e53fa4b189d3e659dd502c0dcab1668a6278cb8598c47bb

          SHA512

          23b985a57fb1d924553b8408635fcc3c5af4a6430c60b8ab80fa6d407285d6642c7bb27c8bb547f8b3e9c7ffa3fa4ce0d4c1d8370eefc3644b2fca1ac98f795f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0d844b276caa96cd3000b0b8aa31e503

          SHA1

          50244275c3ee5b968ead33de3d78fe1bd0b1484e

          SHA256

          7a0572b3a88c74337389b32ffc47702bef1ef138154d3fab82c89b8d2b7ad168

          SHA512

          7df6caa4f0a6eba4edba6c10f8f9be4ee81ca892762fcb02c7d4acf6c45bd8bc7b2bb185a723a098b498face2f36dc6cb1e5aa890b5b870f3a78de6df0404bf0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          64402fd47bc89565637c842ebad607a9

          SHA1

          143f01f7d9bbba809fa84c903bed1fce9a76097f

          SHA256

          35e6cc3d4f6a8870d6e7e0a8f705e0dae50be7431dcd5812f1932130d34dff36

          SHA512

          f56b0ae287ae98713758a9c6be84c1f55c520471e2ff2e2a5636369b91d4947ef978ed47a4136c202a92b18aed016a79495b90ac3c09f6e23c23fbe4a7c1a920

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\85y7ywt\imagestore.dat
          Filesize

          99KB

          MD5

          6b29786373546cc3eeb4964fcdda5f72

          SHA1

          88c80bdeda33ed19091b16bc61bf74a93eb39a1d

          SHA256

          30aa30d2953d945941ad28103e354ac5db1caefcb8d03c64778d2f89f7e23007

          SHA512

          542c07c18f636b0a70d7de40565ae2b2458b5257d38b795f617ffcce7ce5ced16471b8e7f2561d5f88a12965ef4a8341a78be490de3b60a963f380d99a0bfddf

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7FHNNOW\favicon[2].ico
          Filesize

          99KB

          MD5

          562fe6b5bc02c09537b054ba674740f3

          SHA1

          082f9d8d488f49c3085384009e9700b207dbd8c4

          SHA256

          29b906ce83796e0f46ff07dffbb9cd63278bace576d063fe3d888ab41c76e0d3

          SHA512

          c1a82e9104b03fc145aa8df7146b316e737d60cbacf6ec5221e0b7ccec4ef8f0bb9267f950363c84d3f67e916d728f36ca79f9d244400f8bcf3ff14a909a20ad

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabECC2.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarECC3.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2936-0-0x0000000000220000-0x0000000000221000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2936-4-0x0000000000400000-0x0000000000461000-memory.dmp

          Filesize

          388KB

          Download