Overview

overview

7

Static

static

7

3a9a79e1ca...18.exe

windows7-x64

7

3a9a79e1ca...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    68s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 20:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a9a79e1ca5b1cef78e466c89572f0b7_JaffaCakes118.exe

  • Size

    13KB

  • MD5

    3a9a79e1ca5b1cef78e466c89572f0b7

  • SHA1

    75500870f1feae36bf2ef4dcf1b101a07b01d1c1

  • SHA256

    bdc5392ea94f6ba25a765b8e6fbd274ce8b0c9baacbaeeac944a7592165493a6

  • SHA512

    e34eb46eb7b9284a2171b45fa49c4bd56e0e2285fd9de7ff8bb1a4b5be8761afcc0847659139bb3a86cd30a1f5e62e258c7d3cd2a09f45db6d814fcb21b9ed65

  • SSDEEP

    192:Llp/COzVmK54Alwv7E6ClWIjr9ZCspE+TMwrRmK+vhOrK7x:XaiA7NClDOeM4m/d

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a9a79e1ca5b1cef78e466c89572f0b7_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3a9a79e1ca5b1cef78e466c89572f0b7_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=433
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3060
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6b1d27d5ae36f478f1956cac9b5cb71

    SHA1

    46d104541a71c663dae547fd2bd956467e2a2448

    SHA256

    66675bdb58b6867a99399dee211b0d7cf120a640e34027fc97ebf93c57c48ba4

    SHA512

    52d864f7fba5f33f03541cffdcbba5f984300d154792a9caf353566fb585ffb50478cc8cb347fdeeab7275a983609e503c1b6a54946a37a87ce2293c58ed3a46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    761077eb382caf108b55d536b7c8bec9

    SHA1

    986ce34ff9e53a7039c44d4a1805e6443624ff1f

    SHA256

    c17747c2cbc8901f6bd376da2132c83035075baeb87dff3ba2ed330da35aa357

    SHA512

    02da80245d64686712f62f0599e247c1090ff3fff9914eaea9957eca07bd8291b72e351867f39103866c7d8d7f2d2d5990844b9fe0dcc60c5bef67c7998966a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a776ca12bca6b4923a9767ad59526ef

    SHA1

    31103736ed0645543b53e4667eb31761e129cd3e

    SHA256

    6256344be8a43c64d257ccc52b68d3515045c9c939b1c12bc1da5c3516e94f79

    SHA512

    8688e7dfc09578bf5a215f6e0f5621c9c7d75511e44f85e3a8a308eda375730921cc581788aa4ee92ad1af0e971ec47331065cbf816d11e40f46eee1ee08abba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c881c9c202a52bf739c05c8b8688833b

    SHA1

    d0f28f8f21016bd03e9cd5329690c044ad12e9ea

    SHA256

    e12e7a62b154d4b74d87a9bdef78c367a35f6a27dd54032adcebea8090ce99b2

    SHA512

    becfb5e1eda1a35bbb5ecfa1a2e3500b874cada2ae96076548ee9604e3faca7a22a0c4942344f8346245ebe0fa9cb6b6a9f7b0fab1902fb3356dc55fed6105bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b1a8ea55e213720c2e615546a33c15e

    SHA1

    4396043272037cf0038995c159437fcc066aaeb8

    SHA256

    6642d3672a284791bc1a90d1c15ef142bb2a73c15254e3fb3b0913f0242a97da

    SHA512

    e6ef350944c3c13b14e562d22072cd5554a05d6859811a1d2b44eacafca54dbc9ce48f94de1a25ea5637a8fba388a56bc37e7c467d9f9c2c152159b671e218ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50f25e32b602b8c55f083caf2c6de564

    SHA1

    6f6a48f07d78982d4cbfbdce2e56200069712af9

    SHA256

    0af5da21bc08f15de299e5f5de5865e6326bc8cdf7a395469fe56684e84b0b87

    SHA512

    4f7277e14fb720132b61a9ce354486814a4cb136bd066920ee0076f5abbbb451e93a7a565b314e26c7275eaceb02b021faac2d482ea09acffe6969fa28b9b014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52fb803331e120954741ebd9b40c6486

    SHA1

    240d3f125b862a6e0161eabfc4f8e80d68e1611b

    SHA256

    b427fa5c41b51f0436b259391d287cacd861be781a6bf60e610fca6ef7df88c9

    SHA512

    beb7476cd3eb7c02779bdb278f54a1567728fffff6879fcb4984bab5bc37737a165c6cc43a6d2b244356dea20abb9ca266691fd32439186702e288a6abf5db2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4101c7ac9ee7b702bac5748b435d5997

    SHA1

    6fe5d7b5659ab480faaf20b3f9d1cff1a40290a0

    SHA256

    7b7c7994a56a1e0891d6b4e57d749d0098adb1fa711f8897ff286455816838e9

    SHA512

    4d427f6145605f0b7799939d8d3a9ba16777a7635ec535122c7e76d2f00723d1671c7ce2b22b942e216a07fc3268eb7024e92a92f0ba9a9252175731b52de6e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e55bba1b4f3b3e0a2791a239b3d9f920

    SHA1

    b7d27b3594c58b4d078beaeda7d73ad0826f61a4

    SHA256

    1bba13815d1e82cbdae21dc0f9d7b079951c6dccb80069e946f56ca09dc07a66

    SHA512

    0a4da100d7d774cbb94f66ed2b2291a65311c69bb883cfbac002727df0d73033cb5383b46cb3b71ab673afc983b4130a4e0dee2ae29f8c117fdca4378613faba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa85bae8da5932d51ef9ec3115b88512

    SHA1

    ae73e29cc6b412157cb558ef16b914f08d074630

    SHA256

    876b9918e9435358ce5f2ff122a3896b9402ec25b5aad7bb7bfdb11da066a0ed

    SHA512

    84cfd3d4717c9290bbd0f6c3063e34f3dded071e2f4cb2de01f0f496a56826536f1242bfb7473ec9ef9feb6796d6ee4b016fe15810817b562062b08691478404

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33e1dee215f3f85a68396a5d42897a0f

    SHA1

    fd4d774adfc6cfe411db67369778b06e27b60693

    SHA256

    8ee2e0bf57b305261ab239fd1f1691d9d676d2f7cc69ce3355995b30bd8dee97

    SHA512

    3b885676c831ff5f13e085eedaabd7c7ea8eb8841bb740673c777fcbaab3b58e3d2ddeb8facc3b8b6ebcafc00067e7d15ad10cf37b34ec77fae9756aca53a404

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9000e1cf80215eda550632a9a1f5a56b

    SHA1

    40cecdb9bf114ccebaa8d93ae27236f475bd08b3

    SHA256

    c3f7d57c690cb9ff469c3b971a8229be345ae8b492cdb054e5d625331cb46ab3

    SHA512

    3073c23dc9dad10fa8f12625fc7a388d59580bec9089b7e9280def8fbe91ac50085df2b042f39943695d06fbc42f439f4d25a5f6d029704f2b2e54a54d43f4a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b150d587167de5607300d6bfb486266

    SHA1

    7e734582d9097d182c95a45997b363e97bca519a

    SHA256

    8a15ac73b1777c3f71ebe73a2dc62f21ff583574545a9053b3e39c69cd9c609a

    SHA512

    235e6531adf1e1f8cbb9526eeca711bcbad9718018da111682d1ba4625fe48db0954871d1eeff817b4ac8cf23f260436cf5f30fddf983d02d2aaca4082161cca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7dcac8dadde874f5cdc9a0fb0747c3ce

    SHA1

    ff0b3ee4252bb07c9e1b49f2e8ef8233576cb4da

    SHA256

    b294fe3f530f02eaf98c7a4ed3b26e0cc674ca8180e78f5ed954e5bb3c7c0810

    SHA512

    5c535a204d8df703658bf7138e858df62ecd7c728b820dbc5910759cee4cf4d4e4ebc215ebcab51f8bbc8bed311d9f1850b8deec18292ae7ca86750858e3d29d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    420dba18399120aa754c645e90f94c0b

    SHA1

    9e7741826b6fd8b42541c040228d4fc13c5f1071

    SHA256

    199bbb3a9ec4232ee334ef7975a5e9e2263541080a7a28dff3fab8cb10a5d583

    SHA512

    dbfb7bd8eec3911ad01ede62a83d4981831f4084f91156b73b7e358c87d93f128e636d56c56e16901fe71044cbb92fd1a07b963770bff2efb332c71e86ba67ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b3b06ece429a0549dfab540ead380d8

    SHA1

    05acaa03e7945ec89484cbaea6a90e6f32fc7495

    SHA256

    aec0f1870de5a5ae683b8decc00f2b439531e1b541e9194387c4871001ba47a1

    SHA512

    5533e2c6c35a0482e6bff38f335b4fe91fc4bbe25a1eb03b9969ef6c123409e3b30a7ec7348227f57a9793ab185841878dc19afe751b51cad6073825a2e2d081

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ca008786e34c8cdc1195ffbe74fbae1

    SHA1

    02a4eafccf3b430cc842e3ce3e00ff7daacbc7aa

    SHA256

    0bd1e183b2c3949cea8144c7eb78f9b001c498e5e9290ea29dd8d1634f59b4a0

    SHA512

    a83304fc515f062e1383e0bc765d7f51f9869e1efd9a38064af433aa5c3e5494460f2dc1746669da437070de2c4b215ced56a27ee4a8abdbe7e1dc92b43cbf7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d5f09fa9349f4c0d45fa975aba166ec

    SHA1

    23fdcc80622a785e6404fd01d37c6887a5ecc6f1

    SHA256

    dfd7d38f4e2cc52ac472eef46e119d4597dfba2d7cbdaa81f852b6309b609b61

    SHA512

    b3d8c64a1abd1d3f12f4c74eebe7f8aa31ba9eca05b02eef1ef1c1cf5192bd082b9dd7893976f91ce10115b0ac0cfed2e96d3a123b384a1686d5f4df0bc2e99b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5a5376c035734a33c1d7c9fa5e8e6e8

    SHA1

    18ac91096ee9f0416bcb6b753ffcd0be852f25c9

    SHA256

    802aaf7e128a3c702f52f6ad407403267cd90096153e57ca67ea60c2687f5ce6

    SHA512

    37dae87cafa7933fd4efffbd16ad69455b85ba9651bdc2fea3eae39a4e66b1c0e667af39a89061d9606dbdefcc1a7bbc6a2a97528ca43769b83cb4bfa2d6f167

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb70ab8cc4b96cc51169a539ef63d97a

    SHA1

    31f7bdddde18b3b6c3e62cf6f21ce190d6fb4dfb

    SHA256

    ca514112f7328191a4e1ae4b7749514dbb3c0e451fa8426fce2d86a7756cadf6

    SHA512

    8c126904581ae0defdf4dc463d012ae9b7102cd1be7a95c727c78925db51d90e8fdd626f3c282672241f45077bbea1c831234939990b21ad842a162047846b7f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBA4B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBB1B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2056-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2056-2-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download