Overview

overview

7

Static

static

7

344ce91702...18.exe

windows7-x64

7

344ce91702...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 10:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    344ce9170204a415c0d4d047bdfbc0b3_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    344ce9170204a415c0d4d047bdfbc0b3

  • SHA1

    d70f34f77d9fe890e18b61c57a8b5ab12342cd81

  • SHA256

    b9e66fce551add4a881d641c833bcabb0071b32b9044ab4a98ca06e13612b217

  • SHA512

    7947624276ca29c0ea93d714d67951bfd2291ecc1e2849ab2fb5082f4acfd3f50f048e0e82e4c98b2f468c1c4df6674b1817414b703652713d44d23d220461a9

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vC:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bT

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\344ce9170204a415c0d4d047bdfbc0b3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\344ce9170204a415c0d4d047bdfbc0b3_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=477
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:840
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1920

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3d1369b0d193da828ad6731d79af5dac

          SHA1

          a58647f33b662b21e547ba5792346cbcdf6c8659

          SHA256

          2ec0d8f46c2622a9624d03bf2f02c4a46ef76166922d411f3b14dad18e9445bc

          SHA512

          3e9cf5d33a08b18a2cd617682aa9ce99cb90cdbd2c93efabeec2e0444751ceb1013a6fea9920f1d287d1d6ac801318ce0be12744053a35c0dc954fb34c2a0fe3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1a85ab66f2b63fc681b0565598e5f42a

          SHA1

          b4e2d7e4c675de9d6fdd6b99800fe1c80d4c2a54

          SHA256

          321c1324f3e8f4bf25acda1adefa646de73401fe56546b6256dbb676f5cf7aee

          SHA512

          978d48d3e967c94a4cddfd09c9fe035fa4e2792b5f0780a6050f079ba95d61cea785ada0d1243549684c098ae2c736462f03ddb8ca0229820566688726e45cbc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          29c3128c229a32b9626e999680b882cf

          SHA1

          36a7a4faed6cbfc71430c64a5246e3ae87e6a8f9

          SHA256

          65d720ce58b1108fc450d1400098b2386b79138b7879c2c08ef1a5d23d727081

          SHA512

          486fef7d9503f6926c89a79cce1a907912ff6664e7a1554651052090c8b0f248ed3b1e4314a672ad74216b59a48ce03add6101e518cdfc6f0b1e4b7e86af8dae

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d295f6066e74434b0679fd0461c9e47c

          SHA1

          23982b10358c2681f1cdb297f784a521076c26d4

          SHA256

          22b5bce1f2b055255827b5fb96ed03399b8b428a053b2742bffc6b262d469dc6

          SHA512

          0bde80ef21ece3eb856b12dc314f52e0df92b131dc989d5d2baa55fd7cb7a65f15eb1bac186f8e87d9acda358b256c50193992c7a8cfbe5bf12d6ef14b29ae34

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          08df17941a5f7b0e9eb827ce771ba458

          SHA1

          d71d9b37a8970d437186f124077d336a1f91c7e7

          SHA256

          4629d9f6406858269091850ae6731db271ec7da07199b02932d30f4423104bd9

          SHA512

          9cefc9931f3c69892bbe44ebf8341732f62954b8fa39809758f9661a3ee323002de3d67e4a48f1eba516143b6334438f6a4ad078bcbfb8b74db7b972d0f5339c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1633ef0a76e44e2896340d2024095e65

          SHA1

          127affc7fe1b3420d749af181c8637fe62b31a47

          SHA256

          9c998f8eff6830d164cf0d0d6dd4a0af3787ed583b5629e7bd2c2a7feca192be

          SHA512

          b20c40f8c41aa8aa28c2f6fa9a54b22c05ab480e1b03251bdc13876a2768b3145573a97b93e723c7e607cbe338d9ec2c4c6a93ef5f97582ab6c70aa3c0e03432

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          23299fe026dcdf729012791297816ae8

          SHA1

          2b563d32e3df8b796bd60e65521eb7ae10d0662f

          SHA256

          70f82e35abbb739a6d4cac06450ca7c3c604bb65e1af361d37ab4229bc12deab

          SHA512

          6fde918f2323d2fca378b88a1c99665dacf15dde320537f42c56f5915ad92644c9f022ae4fb0b94535315632c812d1f6c0a059e6b4a7dfaa7c01a82e3ec1cc5a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e2ac6c6483c519ed6c25b5ff4624dc2

          SHA1

          88ef85e4287f86a83d7d71b9fecfae43472caae8

          SHA256

          56f93a0e5b496e2eac0c5af7ba7a7e2db96107526ea441871cc647a454c0599d

          SHA512

          dccf763ae8dd1bda29e6df56cf0e22fb2aa9bd1a28e73829193b4ad3ab448cec161089e770c802d0ebf993b03f4c7908ef10cd688a6ceb1a7795687ab037152c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          20473e01110a168d9203399fc0f0a5a8

          SHA1

          1a108f52bc7ccf7485aa71c9067fa104f0069ce6

          SHA256

          501895cba54beb153792376560782ff3bca32c813e7d8c1a9739004d1a21191f

          SHA512

          fb8969a13c8d176fe3e1504ef081dec3013d24ef09dad07a1807373a4a4ab9f6efd125e91d2bacc7302d5984f5d1f186ef7da6801945d24cc669dc42bce7b964

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1e5149f1fa7db9a56d9f87f4e65f9854

          SHA1

          544fdb2eda47349c682cb6239d37fa9607ca6f68

          SHA256

          87e9acb5ae80ffb6355fa68163ebfe1c10bd83af920fed06a963e87bdb14133b

          SHA512

          f37a6fedcf68d3494104cca0d7f0ce0be1320bf06249fb54bba1826499c39827e01eca5e3704a162ae7d3aa3d6e959b0ec3bd9f9588bb55fcc8508101d8a817e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          564bc16b8a7faecc81f7bab589c01e32

          SHA1

          38b53a34953dbcd3129337e773abb02bdf154472

          SHA256

          f1852bad85c6d57cfa127acfbaeb44efccb4adec5bf9c86f1de0a90e3420d98f

          SHA512

          89af9dd86fd33d6d7212b318885b1a0daa02b13541595db3d184291b5d7dd12a0b5f01037306515b010e321c31deeb378f5d9a716a48038b9e82eeeb1cdd166b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          44fe1a3c52104462caa7dcac713db585

          SHA1

          370bb3840fe3fab2d29ad3ee09c6c0247529ac69

          SHA256

          668376509576453997b4a27b2b3427032f924d7f02b838fb5c00311a1a7c4bed

          SHA512

          7770364029c8439ed81253e6f1be667064fb9d4fb70dc6894926b4389875eb4a3b1b76e66c97ab5f7f018a65add6f74fd197a64acbd194770626f1b3dec625f4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b900d2cb38416dc143319b9c0841aa6e

          SHA1

          682406fbf16d9ebf5239cb0947a01d72d64b334f

          SHA256

          aa20bbf8cc96d526beac88a856d68fa1709da46739db7f7a5ae8e094609977b4

          SHA512

          f1ac7b1d82f808fed3703d0df2d74f0025f53be6655eaf4a562795a1b42b27485fcaec9ca80422a0bc5420148632ebe4193ff4c07846431503148b4d57f8e6f7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2834328fc60dd2208d3049c207515384

          SHA1

          8acf55b55c4d29c936ce54016364e0eff8f5388a

          SHA256

          632561f87f522a920ce8392116b6aef9e63ba0ebaad74e287a330e8773ca0f93

          SHA512

          3ca7fb210a748e8a5f6ffde595262d0d22348db1f579897d9e9680f39d0e3bcda1a5635c5328c6881bd72adf8d84f1fc10ff0947e7e5a40e8b68526177dfbcd0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4e324e87e861b55bca9fa2207703f4f3

          SHA1

          a46006bfc88beda5ecf25774ed7aaad59ff5e0de

          SHA256

          5d5d181595b62b524ce04dcc7f2904c91cea3e386a294ae489f825164ee6966e

          SHA512

          c9dc91df3edad321b2a2031d90820bbab481a0929135ce5489198b2c9118fc250f1129fc6a2f2d6a6dc95f43b366b988ba03197e04af1317bbcb0f3ac935d55b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0cbdf4eeafe16e9760335a278ea3f6c8

          SHA1

          53c03c06c24d5fd6f45b942af2213c8bd6a31bc4

          SHA256

          b8bd5d97222176c6dc50c7a29a22d5b52253f319514f21a2b44fed8cc1ba7ab1

          SHA512

          9944df405405953ba9128635744a20bac53278fbe71663b255e8a0043640c0d89d40972ac425060f2fe9964791e4a888ce439fe2efc3e719ce56a25fc6257444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6fb3ba0f15d46b3b83ba4f4f60b975bd

          SHA1

          3f8de165d8c8a80542010c594b964e947d9b78b9

          SHA256

          a88377a84a7dde3751d6e8cd9631555b117874db6b7b8b551ef5edd07679843d

          SHA512

          aa675685804e61f88fe214ccfc120ad5dc3cea8718962169eeb36fce8ace32909c85dad651890f231e99953877020f08d59c6cc349908d9e13c4ced2a89bd5c9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          af308c6179b2f2735eb9c5a9524650d7

          SHA1

          961612712d0b655e720f7ec778d5dd1ff053caef

          SHA256

          5126c87a03a22c9030a433cf02fe0b32311cfb3e2305f77aed17a424aed7cd15

          SHA512

          976567de934493a04ff9b3399fa92eb9e5e69f3e90f30ec0639fb50d7141493bebefacf7eba1164337b83bd9d7c9ec62a646ef243c0f5425e679fabba661e362

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9ad52e0e9533567b9bd0aea78cc18a95

          SHA1

          50d686d1dae256a137043895cc2a6a2e8f64f608

          SHA256

          1816244b4db40ceb7d7074defd4d6a75bd65389d7416f382cf4f562127658b25

          SHA512

          c48007a7db330327d62ba656f381d218c0cdc65d3ec61599698afc678cf2972b82a00c86e081682ef740b6cc2b93729702250a6e9e55808675844f2da7363cca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a94e0bd5f4375f2e3af7eab7e36767be

          SHA1

          e385582e99ec6ff74cc3223a71c765cc20cd64b5

          SHA256

          60bbcca67daed5dcf3c4cd2b6989c632f37c47e244e37681ea7dacffa27224de

          SHA512

          119451d8a7088d94f59d930f7f331c310e28a347a4c2c712b5b6015408fb0c2b31f6533bee3d1551f9ef79c30d36c1106e6789d407077f591c91b2c1cca5e52a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4CCB.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\FG.url
          Filesize

          192B

          MD5

          0fcf82b5a915470e8a79d3516f582a36

          SHA1

          75f81b41607905b231521243129aff3554a58db0

          SHA256

          076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

          SHA512

          adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4D3C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2080-26-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2080-0-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2080-24-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2080-25-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download