73f52abd6fd716a05c19308e6442de9a1db656e90b6bcfa2faa96990b0bafdda

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
09/07/2024, 06:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
Size

186KB
MD5

2f54a01bc234bf09293af2fd9eb6395e
SHA1

65ab244b54d7f13eed6a35d2c7a680021b62ff25
SHA256

73f52abd6fd716a05c19308e6442de9a1db656e90b6bcfa2faa96990b0bafdda
SHA512

a5835e732cd7572187f726a87d0cffffcd643bfc7b6313efc60cfbe703f05b93669095d466ae4f844bbb4ac91d495b742066d93a6ed03a5f62dd4bc5fd21896b
SSDEEP

3072:MaufY4vmTnvxV9ocXiBqXbr6H7TrxXhoF8Ro9rBfVyb:SYuInpoCYqf6bpX+Fso

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 40 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\CLVIEW.EXE	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.151\goopdateres_ms.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\OFFOWC.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\it\UIAutomationProvider.resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACEODDBS.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\System\msadc\msadce.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.151\goopdateres_ta.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\OISGRAPH.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\es\Microsoft.Build.Engine.resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\XIMAGE3B.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\VPREVIEW.EXE	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\Microsoft.Build.Utilities.v3.5.resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\xlsrvintl.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\misc.exe	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\OMSXP32.DLL	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Net.Resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\it\System.RunTime.Serialization.Resources.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\excelcnv.exe	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Google\Update\1.3.36.151\goopdateres_am.dll	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\control.ini	2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2f54a01bc234bf09293af2fd9eb6395e_JaffaCakes118.exe"
1⤵
- Drops file in Program Files directory
- Drops file in Windows directory
PID:2284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2284-0-0x0000000001000000-0x0000000001030FB8-memory.dmp

Filesize
195KB

Download
memory/2284-2-0x0000000001000000-0x0000000001030FB8-memory.dmp

Filesize
195KB

Download
memory/2284-1-0x0000000001005000-0x000000000102E000-memory.dmp

Filesize
164KB

Download
memory/2284-3-0x0000000000260000-0x0000000000262000-memory.dmp

Filesize
8KB

Download
memory/2284-4-0x00000000001A0000-0x00000000001C5000-memory.dmp

Filesize
148KB

Download
memory/2284-5-0x0000000001000000-0x0000000001030FB8-memory.dmp

Filesize
195KB

Download
memory/2284-8-0x00000000001A0000-0x00000000001C5000-memory.dmp

Filesize
148KB

Download
memory/2284-9-0x0000000001005000-0x000000000102E000-memory.dmp

Filesize
164KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads