Overview

overview

7

Static

static

3

2ed65270db...18.exe

windows7-x64

5

2ed65270db...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2024 03:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ed65270dbef92cd1cfe6b5a56790680_JaffaCakes118.exe

  • Size

    1.6MB

  • MD5

    2ed65270dbef92cd1cfe6b5a56790680

  • SHA1

    b22c556e76717db44beba3315d251774e89b3795

  • SHA256

    29360703d374b9ef379c4d116e41a007878fdaedcc694e2f00f8cb1f73a8196e

  • SHA512

    00bcfe1dc7812bb2fad86d1f823128c191c94b2ff2fc899907cb0fcf2bd4d346ff7cef7b27c9091136e406d9ec27c33eb46f54efc301d43136acbb083d6c6b58

  • SSDEEP

    24576:7H/tGjrz6hl33ABkOpZWeWGRQqulPIfUQ1FmvjkddkOdZ:r4jCZwkOKeWJNumvyvZ

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2ed65270dbef92cd1cfe6b5a56790680_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2ed65270dbef92cd1cfe6b5a56790680_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.dnf2828.com
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2140
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2264

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e57959ad953255267194b0aafa01eb57

    SHA1

    bbe260bc962ca70fc2ec67c78e9a5d08833d1361

    SHA256

    72e95e60b0af3ba8f0ee7672444ec08526eb94933867220f339184360373f809

    SHA512

    914cd088bf4abf56c5397ac5fc2f65386a4cc7cbce9861acb290ab42b999234c7164471658b487720cef685ce03d467626a026a8aeb1cdc3441b7d6a6e80c596

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04bf3a2250a0be786937150724740ecc

    SHA1

    600b9b3dbf47731f8065c1a24805048d3384634c

    SHA256

    f221871fd58bafc0c43d778a52b32ad6725d1ed3d87d9aec3e9fa75ba7ad4b03

    SHA512

    2af588ad0bf1ad3474216419151e19b496db3fe84015d624bc68ba38d20791e95260cdaea289abf71bb47bb4a5a70d5f6a640d2ce5f774315a09079db39a0608

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    001e66cdc4f12cf4136c3af1aa48050c

    SHA1

    72e4b6653a83825a0e6cdccb39f79f86c382d8e4

    SHA256

    78591025c373e87aebe1013a2d78a3d3a8e01f7fce1497777c2c3d2a6fbed32a

    SHA512

    b881f81d82b9c21ca039430ca4a15026f4d77b2550a80646f9cb927c7c4cea279eed90392bcabe9b64feb21d8a9ccbb262e655ebff70f782baecceecb81ae74a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed7ab40ee466fa6337d8390a5e13594b

    SHA1

    005c98ea9bf959d9e11874727881e242ecbf3daa

    SHA256

    8c32219d060b1cf60cf7f54c1d495b3c4d5d92ee5778935955cddfbc5c2fcd38

    SHA512

    dcfe773861653aa3f3f90aaeba717c47450450b5050c595fc9c889e6f9936dd384dd22adc5d75fd564cb628319aae510701b9d50126e54c4cf105f46ed311fb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53ff652d11285b756efec4a0073a80e9

    SHA1

    e82c77ec4e6aa2e8fb1db52e2af531e439f1aa66

    SHA256

    8c60df010656c9b330b8e43a20ef0d3ea47a2e568b9161814d80bf3265fd5ed8

    SHA512

    74b011896a812b2d5f949dd4918754eafaab39ac0e69dee1e55bd8a62d3611326f40c497ca6dac008569a707316ce9664f71527215d3e70bb005df9060bda494

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2af902de874e3e765c73a3b249cfe47

    SHA1

    b7a564628f1a15c9453d54bb0036d4080b5476cf

    SHA256

    fd567272cbde9f327462ae397686172400b6529d8f676fceb5a05c10e7168959

    SHA512

    65fdcc417a4320b501cfa92d84340050982b3e8d07ccaa316a8943b710065b6093e28db3bb4be1e9336f2f8f3242e74778625e75539439c15f335dd06d8d2142

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c603e3606f3a04bd59fd3056a5d699b0

    SHA1

    c74ceb069d4085cf605547f0129814afa9b3f243

    SHA256

    90b54c569b8548d2e1ca84c052bb110a3a40f702dc993db36966b799e828baef

    SHA512

    545bf4da40ba93e82415f392ef0acd568ffff0da9df86cdd1912309600e02dc8c27625e4ea0eb3c218285ee3fe47fc0b9e4785593deec15d3451b146e52a67e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93b326364a73374c53a1f54718019abc

    SHA1

    ac357b695cea22d9867a70fc09d24fe8bf561401

    SHA256

    7f3584555468f993d8c4c268ac8f13c0d0415fcd4d075c4d82e80a9b33658845

    SHA512

    43efe6d9922925b94dd35b6f24056fa6a5a75be4f2771948990463c8e7af8cafbc0114b5a7ad7e8400f1f6d9b6c32a9d7f8140764a0398a66ad2fae84854807b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e615cfa6bd80001c82e76d0431ed19fc

    SHA1

    a51d34fd1adc8ddd233a29aa8cdcdd397d4479be

    SHA256

    8eacdecc6d4ba82366536a8339360beb5a618f939871cb5fa08fe580ca1fe2b9

    SHA512

    76c1c74cbbb516d7deb61b49dfcf821a30650f2862659ada6cb77bd863d477c47214e4d021c28f318c893d4cfd141b0c4c1ecaddc1fbc611fc41d6f9592cb347

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db827a2012b92aba7768c3a896322ff7

    SHA1

    b3b1b380ce22024c068690141019a49dc905269c

    SHA256

    068e28aef11bd4eb9a201d5fb358ca8bd63692d150125b8514750d679758b06b

    SHA512

    71ae43c9127be7cb9b3865f82361437e10759b6dbca0af257a885fa7b8c550d92206a0ef66eb564c5b7c98112cd6b6eac3478b901359e73454145e14321f0fe8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecfb405bd34175b7450457d70c1a4951

    SHA1

    b55158345d61547c651d8849c57c267f51af3c7b

    SHA256

    8b2298bbd6df2c17eecaf8dd4455a1f0db072f3aa4ac93e5bf62a18642a4b94e

    SHA512

    d71c33251b979630ead150b6c5d07f0704da9e52ff0e9a635f31855ef236a0b3fa21b91a296146b127820bfc87a038d3a533d13ded67f3244fb634ffe4f6751c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bb423c23dc5b2bf47da0575b6407f9f

    SHA1

    57587dee7380c9437cd9155559e59fe2813ec038

    SHA256

    596ffd79b23548176b6cf9d79ed96611901f79394727ebe245aa06e413e264d6

    SHA512

    85e4b1c81c9029a21b82869f99d2dba30423d00689b87c17040e776bfd60ebcce7661f39664a21258e984805d2d73d8edfec7c30bb587f0756c2f50da2789a31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a434ba5afba5a346898285c66a0d5651

    SHA1

    33dfa2751f5fda7675198ee51e461db33dc5681f

    SHA256

    8eac46126fde449d36a0274042e9e60fee66a76386d34d737441bbcb38127b0b

    SHA512

    b0cdcd08d7182bcbfdd059beb7dfcd2074a6e6b2187e61500b14054493febfcb4cc7de43716d36af91175c8ae7d7d7742896b20a21dac76a90e9e3e9e28a2e5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bdd4773698be8004bf76f44d297dd27

    SHA1

    bdb61534ca09b6e4569c2af32cd0453341b1cc8e

    SHA256

    4c4fefad5f5f582e653ac4133ff21ccd2e55c3e7670c885a907c0032f95a7d62

    SHA512

    af73f0bef5f88a0835b10a92e335588719a0244aa8c4f5e8257bf9bbb2679b33934a466b43f7d28b0e2c67cf88d715a6333537a222eda4cfd8f106a3fe569cd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db37896bc55964859d5b253a1f908cf9

    SHA1

    3b0d4f3ee74da336a64d040a4e56764a9e25f074

    SHA256

    385776bbac44d724816ecc93c9d51a550170ba5d6369955317da8633dd9d02d5

    SHA512

    9fcd8e4ca1dff0f93b5e8431aa39880920a3e5b27ddb6a53779be7cf86524ad7fe844bff016518ded99240a16764429eaa1a90ae50045d345d37e21f76599109

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffca6ea1077a2df8f7f1be793b2eb37b

    SHA1

    8718f78373c02d6e67402ae12de52f7aa46e6af0

    SHA256

    d5c4c55ba684e0013296bc31acc05ba74213576cc8e18cf562bd3df8f44ffa86

    SHA512

    e6da27bc2e84126800512529a686660dbdb4b90bc04aceddfe75e70155c4e8beafe6e8191a6335b30d864543383a0d9817bf9f9b92c91e670b69c3d2de07e885

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec791a07abbf116a58ef970d8ecaea46

    SHA1

    1ce59d5e0670d266f71606a8b059d9545031804c

    SHA256

    f1a317b1d5c5ab50e19a217872dc6b8a36e54c58e124a7e5dded5b4d9e0de1f2

    SHA512

    0165bf5a21a4f4fd1f96f6fc39b8a19ebf348f4066196c3dab037b832b1cea3df946b8a7117626b3f56a7d5fd6a91710eb0846b8a145ac8e76a771e633b97300

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46036fd9e64f5251a01d50d7cac19032

    SHA1

    486a7f292096129e1fcfc721db982bbc9214b2f6

    SHA256

    9ed4b322a83bba7ad8c327ccae3559726e4cd53c8683774a447cfb546d4556d1

    SHA512

    617a99d9c69de659d9870180c87cd1f6f22c59d9bdcdb22d59c541395990c75e97230b9f675c9ae9b0b641a0bd2eb90cf2ebb1acb01fa6c92f467e442b119134

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae0ebef56a68b6dfe35075e90df32899

    SHA1

    9a2db8f436729506ac1930828e90a5a1f7e08862

    SHA256

    9e876c53bfa5efb5f7e819a70963637aa4335614c90e942e57f6ca37211ed89f

    SHA512

    3794b98c5aa8fcaacfaa3d40e84d82920700fe345bb5e0bf95977dea1334e79322574e7e02509ba313adff1eda0b620a9fcdf0aa9c1af4b87077c9ebbf2db546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49543c34fdd9971650346dbcfe57e8bf

    SHA1

    44b58e50ed75e6a247de6d31e3ff1e08d4c05d37

    SHA256

    a5e193517bcd79543e836db7a4885d940dfd5c086f6922cb99d406a11e4be1ec

    SHA512

    b9fb7cace8b0340010492a4caeba8d078f839498782a0cca2a584e6507cb3a825079e3fa60d032768dd9030144c2af80e507d7ef87fec6452c0b422798c7be4c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1CE6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1D47.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit