Overview

overview

6

Static

static

3

3310fd4ca5...18.dll

windows7-x64

6

3310fd4ca5...18.dll

windows10-2004-x64

6

Analysis

  • max time kernel
    134s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 03:03

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3310fd4ca524849b855b6bf096326a87_JaffaCakes118.dll

  • Size

    174KB

  • MD5

    3310fd4ca524849b855b6bf096326a87

  • SHA1

    64f999f4866b6fa8582a296cd8f9f8c972e6dedf

  • SHA256

    bfe572aa235ac45e9f0f8b0b39a7f9112f67fa44aa17232770d2ba287c892faa

  • SHA512

    4a0f55753ff6674244f679bd6eb0071902e4e6c107a8ad47128fe87329d803e4fd9b0512631be0bc628acde2cfbc355db251b3c01855516ef73ab4d1ab34fc1f

  • SSDEEP

    3072:jqVDpPLfCYkVAokpe6ndlLrwUjk8YxsJ6ibGs8ySak50YjO8:4tP3kV4/dhrk1sAisa1KO8

Score
6/10
adwarepersistencestealer

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Installs/modifies Browser Helper Object 2 TTPs 2 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Modifies registry class 5 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\3310fd4ca524849b855b6bf096326a87_JaffaCakes118.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2036
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\3310fd4ca524849b855b6bf096326a87_JaffaCakes118.dll
      2⤵
      • Adds Run key to start application
      • Installs/modifies Browser Helper Object
      • Modifies registry class
      PID:3032
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:536 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1812

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          87161817f30220e6d8b140bfdc915a55

          SHA1

          633c89cf235c564de3672723236a94d255a502ff

          SHA256

          2025048f2b69333b530a93b3a0639b36be2b6223f865c69369e886c1b0719d9b

          SHA512

          b73c83e38d67213a63375637a21d6d7218b633e7be01e793b68e13ad3c91b1bfb3ecf064835660021b19b35f7b0bb20b1802860c645125c2d53def9ec18e141a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fa25a41c79666d067b153be45ed4efd3

          SHA1

          86667e139bae6249af12b258e605ad8e710b306a

          SHA256

          f21d645993d1b6992de8362b306e6805a7f930fdbe0bda29b0a7fe05a5278990

          SHA512

          ea4d019302f45a331e94d21c508a08ca250f84068c4e8611530f8dfc6de8125ccf49ba5fce1c2d072e10052d72ae14078765f5f5fdd840255872f872fde1d477

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          290b5dc88d12dd99a7d14cba835d5857

          SHA1

          07b7d857a3b7a6133fa65bee3c3683a765900ea8

          SHA256

          69afe7c91c36cf5b8dc187b3534202a8c2cb334d8f89957b9409f413bfa18e28

          SHA512

          daf87a8c7527907c7ea389afc5bb04ed5fccf03475772c9cece0c842efcd25b96a93b44b6d6e8dcdd219dbffaf734190aa2257585c329d9fe58a20fe8df9c559

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          30fc839f5c3c8f0656d1bdb9d62e91c7

          SHA1

          4427755807572a32814e7496223a22fd9f9378d3

          SHA256

          5a289bf43433c1bee4ee47c7ca617d84e5bf1657d0650fd2258a91c518777948

          SHA512

          bbdb5f661d2b4fa11688fa003ef16c460b7515f2cdaa7692b42cfc77983bc5821cc9b98ec6e1077252ddbb2c452954272bcde764d99867d2dd3200884122ebfa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8c326eb8918572349874ff5a00f86b86

          SHA1

          521c3ebf7d5db2cce3712b7c748853fab3655709

          SHA256

          c5b914332c8fadc8e184b6d4f0be3487e9ad3266b05cd46c8d0318414f5347cf

          SHA512

          6ff985710462f41769c89aa25a3c89c8c22c8e83b42fcbead1e8b98e1c73a94b472aacc927ed77fd7e5e4351b4002a36985fa540c2cae7172f0c42f61c78a2bb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b476990c22eead73d1bb7995b69f6b92

          SHA1

          539707ba37ef79938b5a6ff95b9260353a67f2cb

          SHA256

          bd2a48b3dcd55e21a93833be69136cbddd9ad2ae96c399a6ef4e31e92d4ba98f

          SHA512

          9cf459ad5681d5ecc8cc354885a7b3d6a277753f57f8610251edabff7ec20c83db4104d59259de02c5e61703bb70712d46d68434d4785fe33061759e64ce02ad

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5f9c9552538f3a00cba59fd7b0cf4174

          SHA1

          3818a8e4b0234163bac6d34846c88276c3f4945f

          SHA256

          304a65606391c17f4487057c6b949531da20b7025dd7455ac7a8397224d455e3

          SHA512

          aa3d02bb544899e244d45f048e5dc32b23c01c1b800542e4765533e3dbb6b0ec981cb930858ca598f40180fc00148cc931fdb68cc10bed7b59ffff73c8fc98ec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e18fb1982f30895afc830075800679f5

          SHA1

          5e3072d1eb6fe626e5fb63020b33e8aaa4623cd8

          SHA256

          392b46bfe0f7227e2fefd9201a863fe8afac704dabe599c786510d58c128932c

          SHA512

          b87329fbd066d6a2ff2a1e6381ba4e76b49ffbff0e5a21dd844c8b4dcb7fbaf721066caaf62619ae089cb4c504919f51fc8f89fd560560412ddeb33ae11e1539

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5d54781f7fdd94ccc2d81bff5e7e9bc4

          SHA1

          02bb427197171c178051d4d144d510190366ccfe

          SHA256

          3a9ded824cd6d4cf0bbcd89ae8ebd8154afe247968417ed45d7279c6ecc52800

          SHA512

          f4f4ced5a7f682fb4ebe259d622cfb255e4c5c8790e2a399bb4d2c9a09f02766678f5591f64d717bb202c40dcb968ad322fb28e2b6844cd9549d31cde6f9791d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          791f8047ffab5e1115228412a8df29c9

          SHA1

          ea8c3a4548174c79833ce5839b6f914503353ca2

          SHA256

          a6770bfc3c03a0e907247dd865b3fb5d98cbe613520d2a715fcb15a54269ddac

          SHA512

          b2e2cbfa80c2945e8dc56648a2622a84b7f9e9102effeb9cab27e7fe34ae7af125926e0c84ed43dcf4f9d16f43ad53bff7b6b81f1c46e819cd46ee91d1ab3e1a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7ec1bcbcdfd3f1b7bcc5247b080688ac

          SHA1

          df745747980d48d0c454b0fc675387f452136917

          SHA256

          71e1f76d99b4bd99a8fc1066581596caf5d3137c0413eb20ac092f2e9ab14efd

          SHA512

          1254137c9f4231642149f7c8a5a6d815d9b2a554823a0fc8d6651f1924831735c5ac17519eb93c2fba704c4ea807981639cfa0e4373a83d7882b8b3e4a7dc60f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6f5c5030a7c80958421f2786904d7b84

          SHA1

          9504267d5bffe3fc951e6ebb0a723f04fa4aad7d

          SHA256

          4d701222316a83a3aa4482979c3f4ebec2f932419f411affbd787726c40f72ef

          SHA512

          0dcbf681963362e0c653ce3e6531b5588646cff0909169662b266a647e35a796b0a86e6f51da78e141b6cc7a0410428e38fe4afdba3c61eaf60409c4fd458a9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0e81a0872d1792b9940779fa4ba2d572

          SHA1

          b869eaa56ad271c20d67dbcb90a85d5f214170cf

          SHA256

          99c29e066d6ac3cb6220f109208abe60075c1ea93ae0189c66c6391a482f2d4e

          SHA512

          c083bd88cae0e54e1cbf2f8bab4f13cd73e84914b81f530f32d54a6fe986ba7680e6b5133a2b173d8f8caaee45fea82121135d62cb120de342b8d88df8b25592

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ee040bf72d1b613f71adc2f6e9eb1c89

          SHA1

          95c8861d8b74d3e5d81e026d2047e8728860a021

          SHA256

          fca184bf6dcebc6dc7c6d865e6784a7fdfef038ce1df4c4a6efe10eb4605b145

          SHA512

          90e0c23aab1728147cd0af0afd2eec92330e660ef1417456a1f7bcbc3cfadc68e3489532e57edddd9240a7d819e1e87f38ae741019c52a403090ac5c4e644293

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b0fd4f8ff14e54438296643e523ec047

          SHA1

          e4eeca11d63a40eba9ef415c1861b34d350c4304

          SHA256

          8eaf9d642c25d278770cf5544306ddc321884d7c6dc834389eae00a71bc5e3ae

          SHA512

          e8d17af3b8ebcf9a11ee283b441f6fa934c1177f71ee4ec513ea39ec0b75373ac2fc9a0ea3f1e9090aa5c656a85b706a9b5b68502e1bb5b3820539a27f93093f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f906f2831c838b77a68c2a7a83365fe9

          SHA1

          cec8db79f7f077b3651848d0407297cec1f0c705

          SHA256

          3b4c2e39664617744a0def3c552dd50cacb92f5151ba535b355c088d5a764628

          SHA512

          f244c94e72242ffb20b11f6a33b3736ef6b4bb1eb11b4c8cfb630b8983944097f5539fd6de48d1fc670ec1aabb7dec870c48c0abce9cf77dcc50bebb9efbe7ce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6499f8bcf227aac2fa5efb5574618a2a

          SHA1

          6e2397e1f95e9d210d64fc19f915e1aa7bbc2911

          SHA256

          e8e18f9426f14ee1a20b8b9dc5ce9af3fa919702038c0d36d95e33c0d98b9005

          SHA512

          d661e20c092edd41cdb43ab6d3f4712210b07e6398db39d2619f6f5c95bbc2fe183847910beec8fa3b637efe38c1046b5599a16312d781454bf1a45d11737171

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8e92575d69f6fd45b3a57af8ef878bd2

          SHA1

          825b051a449abad921b48394bdf69fc158deb9b8

          SHA256

          2b1b3befd487464cac88b58f438aedf84c0a00f58fc0923ba10567e7d20e7a82

          SHA512

          871c72dcf77d1c907dd20d2e73dee94ecbbdc3998e1d09a55baaf9867a674a8a7ede5de56d1de6379885eb93c5a3146769e0b04c7cdac55241565dff09a5caea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5c625335cd8e74aa1ff203dbbf0a0922

          SHA1

          0429a6dd0f23706182ed57808352e48a46a26203

          SHA256

          7917aeac2f33f2dc9149113a1ebdcfa1b95e3847960abbbaad829b79b81833d5

          SHA512

          a223a4af8d4cae0902fd5dd64efa461e32ae456e158e1f1e72d6360cdf02c9df7a176f58d029c54fe9e5c2c5997fa75277f26c02e7069f75a5824252b56be13a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          42fa8d45eed2696daea77d63aae720f4

          SHA1

          d6fb001a1798af01bd21bc9afddf2237647c1bb0

          SHA256

          1e3376a0d1051778e14545f1b524afccb6708b43d84a46c9dcac9c14e8ded707

          SHA512

          01a2c0efa5c50ab1c9dd1846dad50dc9671ee2d5767306c833f7e83ae12cbf7ff847244486ad17f28d570468a7195de022f7a2f9aa0fe2eb9ef46517ef496858

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2fda3f8a1d933c49c09342c4bc26448f

          SHA1

          3825bf88874cfefd642cda2c757ec2e15b6f8b7a

          SHA256

          00c0dd0d99ef658cb37204453671c84f75c652c670e4413638a57f8c6c6a309f

          SHA512

          732e1deb3e160334a7592f50c401bab83364524e62912db18be68cd9ea29ea5e65f034bbbf6199e3207a9c783d2dbc4f788ccaf1dbe5edc551def138d672bc93

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabFC1B.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarFD48.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/3032-0-0x00000000001C0000-0x00000000001C2000-memory.dmp

          Filesize

          8KB

          Download