Overview

overview

7

Static

static

7

3a5197ff9a...18.exe

windows7-x64

7

3a5197ff9a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 18:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3a5197ff9ab71dd57cfa0b9326fcb18f_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    3a5197ff9ab71dd57cfa0b9326fcb18f

  • SHA1

    0bbce5c0698a63f7cb409a94bdbb458f7db424cb

  • SHA256

    465a8328f80eb96a2b00620ac991d9783d41eb4535eba6ceaf06c5bfc143a80e

  • SHA512

    d7cc7310cb81a33b161cb257854d78dbf408d129412ba385ea5bcc1fe3b36494b03a1e76a7f8c899bf1311afe1fe2daec7224c41d6752c6c707542c4b180038e

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vI:PWfUkBPyrtBxgQTMK0TKpxS3H8j0b/

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a5197ff9ab71dd57cfa0b9326fcb18f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3a5197ff9ab71dd57cfa0b9326fcb18f_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=882
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2616
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2616 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2640

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          da3f6314b093c4dd6f1e69ce85965bf9

          SHA1

          aa6e0d2bf52edd1613a30bc0fdee52bc762c87af

          SHA256

          115788e056559d0b2b3c7366b08f60875760123c5d8e5c3bba1c46523fbc4183

          SHA512

          c536308d1f2fb4f13a0bf393c9d1fe9b1c14492f8663136ffa0b35cbde52cf266ef78fb419aeec60034123c25bc0fca3a9341c4baf78012b44e57ed33c224a2e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f18bf30e19e82073cb95051097eed5fb

          SHA1

          1e0065e8b71d4928b9771a088b8df4872dbf98ce

          SHA256

          d3bd5fd1008b2f9c4bc8b36bdbeb9fbebe7b57b10f740ca4ae533d500c12b652

          SHA512

          d3f8484a337d5bfe22ee18481c622c262cbfb2e28b69bc2463b5546aef15349ce3084934ae6286e5b924e0b2b157ec6b2e035f7efcf87286b14ef0a30ba644ce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f71dbd14f32fb67467fe35aebb6946cb

          SHA1

          8ea096eca6b30521dcf9da5b53e2d24c6fc79e0c

          SHA256

          db828b6de319892017d32d51e0c0d173b60a322b2a68d97d2dad56f2c7534080

          SHA512

          e2d5ac02a91f927a47534529cfdcee966725ae00fde5c265d7e2cbe4de99cb7fc56542acfeb25d41a6c248a58b6f15e11c5e4767a77a67db8cd25536273a6d5e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          67c3d432923e2ff8fcdd346685163112

          SHA1

          6988cf20ea1d042e4fc9141578715f8e04088643

          SHA256

          fa2edea9ca0f5b0c6ecbe757cffa8b310722218c1ca60b68447a74943e0bd5c0

          SHA512

          e45731af5db366b092b95cc8d1ae71c01e98576e172e5425ec63b161e2b3852c5b442bf9a9f708f94b4a2c25e52d15b16f66685d11f11682c07032da85b52701

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          15ed3b8c1e26782ee49bbae80ba02ee9

          SHA1

          807a4598d9d6b02eb4e95e44ddd41b9d7750112c

          SHA256

          bc2bc4a7cd5fdb390638b54fc5c9dc6e24f6d1f4a9e5d73f660870588c7b6a3c

          SHA512

          711975a51e6536336d206830da9440d9023f52f932f2afef10da254ed385fd2196001d197869564f9b03428f69293a7e9a7899abee0b835d99c737e1a5601584

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9853f8c6a10edada14864d4d4236e49e

          SHA1

          3ccea9007e0e53c4e54b0bf95ac382db40c26dad

          SHA256

          7ec785a0f165f1b766ffd7bb0d4db62d8bf468245da20d0433ad9e140851f03c

          SHA512

          d775875bf54ba9557609c85858f906d133dbe3bc88eea7832c9f900fd46f05d7619c1f31851988804e8bd60283bf6180075f259d2698714d49fe5e7f17d18c18

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          09eed4cd978fb191f443a817a7eb945b

          SHA1

          d9c1a27b051858c1635fc93e56319ed393ccaa2b

          SHA256

          16232862afd827d0c98fcd4a7a18418b5761f23b4b86aa11e8180f9dc060293e

          SHA512

          47b29430098c5ebcb67fd8beb271a3d818e1b7378c6db8ce9d7305ead2778aaeae9fc71cb3aa4803f7c1375cd79c6a82b6202741783eceaf0bf6f8e5276135eb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          246ad2d25eee148f373ba2f633e75cac

          SHA1

          625ba1eb8e585da138701c868086f0efed5a0733

          SHA256

          ee7c3a1167a889d7b7526df2c40a56eaed8a91b82032cabe420da662c74cf272

          SHA512

          afa43e1d1d5a9a87fb275353e4c1c23852da20f056895192846b07e489130d94b0736544ce46131e7ffd4272a22511614ab029ca8e4a732f6b5b67d88c7d98b1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          eac96b125d27a4c3eae9ca1cbe17bd4f

          SHA1

          f29a2ca356292325a64974f356b6029672e2348a

          SHA256

          418660d2df56617e7ca1d136300102252559d6ff6cb163cd4b426d7332d0ef94

          SHA512

          85356eef060c9444230e68bb2f2c2516d95af3d8922e2934044e087108b09b6f9ac2d3bc5a2725282e83746cc142e9524321ffa4e9979e4a13b81eebddcb8799

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          145c476b0e67bac58f22634cc9b1ec88

          SHA1

          789d6e6499b8325e6795e0bfa44378c3b9e2cec8

          SHA256

          d17bb354cdbdd8996055ff64d647192019506d729d0d8d63ad2336b7680f65d1

          SHA512

          b1c26172cba0ab79580780525755cb5b0d038ee8045abc12b234d8895053c04e682387390505d017f60d5eba1747dd4263514f3ca3f4efb8f4fd2ff40a0c4d5d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0552217b060abe905e53721bb93a9472

          SHA1

          ee136b1a28a9b6268ecf98ea326be9c05713b1a6

          SHA256

          20fb968b2cfebe158db7668d191a732c0762bd949db2bbc520b6ddb42a4f6963

          SHA512

          cd2da14f34518b3ccb297dfc776a4913050800d35f218e6b88ccec34eb581b27e8fe1b15099172fdac99369f67e099db2724ca4091078ea585a790ad0e4ad161

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a01402c6b7d19bf6cebe17221533055c

          SHA1

          83db5e00e85e10da1b9d08a0347bb85410529167

          SHA256

          308ef5c8c8870ed7506be7972c14c81dccf1136ff0049dc6cbbf0627048435bc

          SHA512

          253df9471c6ff92d70cfd681eee0e1c00f64096555137e7e5c1ff80651b6cdac6cf8652adb2a4e34e6f15ca716a0aeff0fe3e8519c47e0c45798921a51afd6c4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4f7dc81dda83d8f98b029298f72c496

          SHA1

          619fbd80dbcc4170ee3c02f2f32471efcda2f15e

          SHA256

          110dacb518a92068d157d0ddcc74331820375ba158bf2fbe6907e8a89915da3c

          SHA512

          f96e7ca16860080a2c2fe5a3412749b114f33c93c11e1f3a9657253c8faa75af912e938da0ce728c8c5d337a2639b1e4b3a898bcaf383dd1c148766525a97582

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          072a2937ed2e6b27e8a25cc11b8ce1df

          SHA1

          dc8d29be0abb9e7e190ec6208b90eac7f00ab608

          SHA256

          b2a78283a26cd3e2a6b8dbd45e64729da24df72222b20f82aff2435747117cd1

          SHA512

          39620c9201eb65d26dcf81dc26eea2de57a5a8be8cfbfaa1bcea029a216a4d9c51d5580013c9e72712a12bf39e54f4e1925873fe72660aa2c1051d4e72051a7a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ceabceca277bf16c74551407fc13f909

          SHA1

          9230511e5ca50eae693135d3f65fbc16d38501df

          SHA256

          1781471122140748f42052821d65de8abca0245b7b4604b4aeb19d757351889f

          SHA512

          4b3e992cdad7ce0abb2faa13b8e355d789d140f959cfc873792f844e5dbd04b99efd60f5bfa935c35963b06960954b382570a8ea5993e75531c2108c2a37f254

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a09a37d8e54710e5387f4e9033a5fd7b

          SHA1

          8330c0211b1392e2813f5e612d445ac6993bf109

          SHA256

          d5d6ac052446215101798e5b64173cf8aa200ef4feaa43a2f210ec0dc725ff93

          SHA512

          59a789595fc778b565287158cca6eb26929e0661ac77b4c693f920a51f02e2a6a40cfb2385b097e87cdce3395f7608dac965d8094f5e047704c0a7cf076bbb5d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7cb6c4d586bc61b762e8caf494c4a702

          SHA1

          de36a8bf6bae893bdd97f331fcd641f1d4e3b1cb

          SHA256

          9975fcd90e25052a00b5d94af95d8016c65d5d1545965787c63c888de96afd8c

          SHA512

          479a538e5eb6dba113771cea1cdc399ae65cbc481cd8b4cc0e101ac8b4025ddd88e407d7fc2a2af2e7819bf3bc2530263c4e7b5e15b34a4267a6a7eb2f48936b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7258d596a0a189c9ec48f22ead456392

          SHA1

          5f6c30b0ac5cfe2dc6b4e562283a84b331271e24

          SHA256

          6ae30361d3afc761858764ec1056cbef2a33a7787dc15dc858da2a89817c53e3

          SHA512

          8c8c9a5f7864a4e650e1cbbbeb97150456fc3f53e31ac4cdca7de982aab7b6ad009aeb3c0171fa579c4bd53e350783cb5c185167517635f401ad7d23fdc38af8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a0c84696bce372375025b3d2f6af9f17

          SHA1

          fe4dd0dae89b0887dd0b3b46dbb8a57b501bc8b6

          SHA256

          6515e557574af33f69047842190f22b576ee0641f5b48f1dc439fd340c955bf5

          SHA512

          318d9b8027be452c1c3fd08ccf23ec045cba3b2033041b59da5db1a5e3fc7994e012c926be9a67f6cf4ba2c557aa2be40536f8d169db89a75a31ca9c57877079

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabC257.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\FG.url
          Filesize

          192B

          MD5

          0fcf82b5a915470e8a79d3516f582a36

          SHA1

          75f81b41607905b231521243129aff3554a58db0

          SHA256

          076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

          SHA512

          adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarC2C9.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2384-26-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2384-0-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2384-24-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download