Overview

overview

7

Static

static

3

3be90154d4...18.exe

windows7-x64

5

3be90154d4...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12-07-2024 03:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3be90154d43c1e35591834c10ffb1076_JaffaCakes118.exe

  • Size

    162KB

  • MD5

    3be90154d43c1e35591834c10ffb1076

  • SHA1

    f61a6a7aa3087f23a11fc717328c2dce2d458db0

  • SHA256

    cdf56f4c00aca27164a8d054d9da38fe8ce2594f2fcac2e18de3eea1e68f148e

  • SHA512

    b60473135c7c54233ab2d8613cf9eb1c0ef845af5fdba2ced34fe621d84d5c1468197b74c49d0b777fc89ce04621090631be05f1ae3b5ac0d9d183972e3d1a13

  • SSDEEP

    3072:IaxAMR633jqNX9B89TX5RFX5/ioEhk9GyoztEWSWNbBy3r9XlZ3aNpjO+u:ZRo3OfC7FJ6HKGVzOWSWNbBQM/M

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3be90154d43c1e35591834c10ffb1076_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3be90154d43c1e35591834c10ffb1076_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.claroideias.com.br/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2332
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2332 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1484

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b70a98cd1545aeff5eae0045ad5d63ff

    SHA1

    7369b74adac1b0915e3f9672e3ae603b1ae9527c

    SHA256

    156163cf64fed52a6e224ca0bd571c60299e9b732d41a166452580773c275306

    SHA512

    5760d345cd180251ba6e2f8f592c4a19c1f7e2b0e0e6cfd63face21374a636b5ab77ab9b6c365f0b5c5868077601289c1c5cc07c1878989fc81dd9a898cd3071

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4669e99dca29483966cc8ceeeb20737

    SHA1

    c97827eda9b65eab440d333645bc81a81ad5eb69

    SHA256

    2a0b19bf0f9f60bc74bfdfc90a44b7159ba6de6ae0ccca7959df8b86c248ab3d

    SHA512

    a22c7355eb7fe916e48c8e3ecbe70857b1cd7e4844a3e6cbdf378d2043919100ec66979f959f2dba473bd2626cfe490953295b15e6240ee3fc02d1b825a60604

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2515869903273f0f53e022c8ea26683e

    SHA1

    e45a16324561f70547f67b474ad8c6d047156be0

    SHA256

    50d1834a9be743d2e02ffa0cbfe22bdc132943e5a5c687371974e29eb8fdf411

    SHA512

    f6e81caeca5a1ba081b7fe9dfeefd9d64dc9af25b39c29663f9981e3a511794f6d7c900f59df7b33ee34ebdb5c827bf0a05125037b2e9d8cd4977d0640c39597

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ff1b8d4e546e94e22a633b7eba52ae1

    SHA1

    1c693716942d6c69b8210c1086fd3ef13e67f445

    SHA256

    b5b8a9a07e6149a899d9e30ce2f1a28478efddc5c9f0f224f6de217fe631d4b8

    SHA512

    6ee961e5a932d5b2bf43e6f010417ab5faced3147ca7958d7a28c63c386329951cb1fcf4eb5172ad47a002bcca8b2bfb650be510c3730c4c5ea4dc9391e4d6e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57e56885462193b03f554bf7421e7785

    SHA1

    40bc83c34701f23b9bdb70d25ac9c25fb9e852e1

    SHA256

    c8bf965bcee632341390334917be9fd66b2b9d87daa5caee47a3baf4d5529ef1

    SHA512

    15747665f02923618cf1b2254273d5d67ac1e5954150ead2ae7629c83ef5f68ad396686f7a3045cb7a9d384aaae011974536a79986eb51a07ed2a92f9b301ada

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d691765d227c2cd745d4aaf95d029eb

    SHA1

    d43eb1170762b5014e7e3fdd1d24c2d55788cd2b

    SHA256

    0dbc6412569bec05692f282125729b4abc6837ff11656443fd461c8fef8de374

    SHA512

    e80dd08b15e1be2904fa9a0c2f15d1cade2ade174195155bb2ab3e880c97f7d8d81f57c75b773afca436d09141bfabff059b9d23006333802c03994a467c1fbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afa48ac52008744f795a6f8853483cd1

    SHA1

    635941dde8a995bfb5a154647f144721ba9c168e

    SHA256

    dd9cfaeb0f376718824fd6fb7c4559e3e4c66a10620507efc97d0eafe9502379

    SHA512

    1408332a07816f9413bb165d2edd43eab3386ac8ca13d5ec695095679d55cd0a5666216647089631aa011b3cf818e34e71ee5427af56f3a63e279cb8a648318f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebc6821bb51736e20d02a9162301939f

    SHA1

    bfc648b875b42bed8508f67cc23f5179ca06dee2

    SHA256

    103efad2e8fc246c1f15bba39a894c3364fbeb4ce9ff4ffaf91996fe6044f35b

    SHA512

    ea9f876296ea69e858a3b3ae3007ef9cd18e32bcbc206862e96305867fef6945d4a07bddfce7d6d2c45bdf157bab40487a78326e49fed56239cbfddaf38cc875

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    434470e2e012a8d4f64e4915fa27d97e

    SHA1

    b973ca5e11c71b367f32218411512b40d1aa8208

    SHA256

    32cf67f982568a34b7af0cdbe8a2eb7a7e610d20cc6f21014092d1cac09d430b

    SHA512

    d800e37fd5115a409da91ae22c65fc352e1f36582f3fa551bb2d9af1a5b438d09731408c199e676d222e71685dbd0e737dce06c64c84d7b7af23fc4b4d1415b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b649329a4e619662f70acba948b7a079

    SHA1

    24900762ccf72158db844da201635e1299abda29

    SHA256

    851c2a9fabcbaca4ef9d4139695bfde6c8e56b601b3c0100fe3a0969903db1f3

    SHA512

    5d9636d0c5e7743d17abb43bd1e7686640677e1f10c8e8d711b9cd5ba1bc9cb7ff02e5d21ca403950143f328dc347bb7907a7f93271b5cb4ce760c779a6e8767

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d56ff3da896e8dfc6c8aa243db264f4

    SHA1

    b1a59896d8fdc6ec79a37abdb3d37091ce4654ed

    SHA256

    a3f7220c054a1b17b1eb2c36627bfe4cb660f9bad002706fcf4bb4cb10191c30

    SHA512

    15947634b8fc24ffacbb7ce9ec80a2c8f040323efd6f4596bca304a291afe1c497f199379a563fb4be37325055e853c1a2ba1b3ff1f436e42bad7016c0620922

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c566453ed2e31dd44c470716da69668

    SHA1

    af22c009ef3c4354f588e553795c126ec27e83ab

    SHA256

    88c81d07d241420ad83304dbfb44fad32f039659f94b17aa10a35f0c41aea630

    SHA512

    8043fcd8fb3fed645d0362f51f53abc01ef2cfe4db2b82cef6ab01f9f0af1b6b28cbf84446032f048ece15c3efe63095c0fc9b092735b6bb7679de1ea1415880

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e167f2c704de63a78379a1a5772d82fb

    SHA1

    3e38007b564aa724ba5d5dd0b265bb0180c88be3

    SHA256

    bcb257c8e39360f10b46b1a1654475c04e9174698e7f82e9190982c2a2f5ad46

    SHA512

    8958f53443a79b1763417b7d6f91904ea73c57416b836442ef310f5349e480cd3a5ee2b05dc414bb4ca32e8bf3bc2c2710c0b6548167eb5c6f65dbee0159bc0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6e5cfa3c27902ca5fbc8ccc9af11771

    SHA1

    92754ffc4b20917a8eea63cd43fbcad01614de78

    SHA256

    5930d783c77711755b52c1c737a509033ecf2d34457b34a669e2efc92dacb3aa

    SHA512

    a4e5f9b76b8015c089f26871fa9dcf0ebed56523daad7b9900042e9b40833b8d6dcf89f616b7a4e064cba4f9221770ca4fc8ce5974ba3ffadf8b2cbf39653429

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c133f12b51c586e40cb433551cde073f

    SHA1

    0a5a13f8b53ce01b30aa4db78eff3d9ffa5a1475

    SHA256

    4b0e465adefd17bd70dbf891b4e3d5c6edc15e73b47a708a6f016262d37b4607

    SHA512

    67185b76d017f6b5a1605d69422cb94687f4821ee41a04debe186f7458cc7179b60fbb6476fbd6578dc04a7081d5665c99d04d869f74e19765774740d527c41b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc5be9e184606c38936e2751e15bbd18

    SHA1

    8e28fc32a7a7a1be10f263b4b308a06121583152

    SHA256

    0a3819c98ffdcc6f18e57450e8fc742f04f50e23c4e6da9afc9487a4938b5cd9

    SHA512

    09ff29658617dfd260354d0d72caddb2a042e3c25aa2edb17d2e796eba2b28bf6656d70b99ada83e56567d5887f5f92602907cd6aa9e98b5ff750f1f92761891

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    452f4b6e0411d14c316a0e8a61e36e62

    SHA1

    3c7d6c86f93c695d20abd287f696975d3188fc29

    SHA256

    eee07673b196a80c4fbb4fc77c011c7d7e0c7e501775b20818fd9e5c9d489dfd

    SHA512

    71204c7c65a303d4c23f697c6669bbda6fe4d4ecb529c0c5d16b85a3b52104756362717ca7f54502b056ec77e4daf81ae4ae1d5cb98243b4bbfde730eb169a22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83063c44f63d012e7923018bd32350b5

    SHA1

    8a9e59831ff6b9f3b9439b9d02cedaa676ea4d12

    SHA256

    a9a588c4723ebd599ade1ad38c05794d9625ca970b452719625dbdddef784ffd

    SHA512

    c0190a2994e70a3693c6c9a62e775d023034546ae7a8c4b3760533d5ac7aecef15afc6444ade840ae84e0db868bdce621f7e97df41ad5d724141b42143c16b15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4678b83a66810bfe3ff5ef5fe28030b9

    SHA1

    9db87cd6ffa0f7d57390e1f8e2481c874e0900b0

    SHA256

    b61e2eca9749241e41b86ed25def69d7a7aaa3bb3c3a4ff2cdce1fa267434ae7

    SHA512

    bfca3cca93847973a9e0ae2f4c947e2767742ecc2d272975bcfa084237c58816c28e253108e9f7aef821b55546dc04173c17a07744b1d18e5e044d9ace20687d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9732.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9744.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\new.exe
    Filesize

    89KB

    MD5

    79a272ea29d322964c57ced249798c90

    SHA1

    3c9e5e6477e4b2df5f10e2217d33a4ac41897b72

    SHA256

    5f5b5b347c482f404f434d200cd3a3514b9a9bdbf229e7bb3a7436e0ec34f541

    SHA512

    c897dc934c2f15bebef37d4dd1108243b991d3fe173f00149951dee008a068320886be306bc5db82d0c1fb78779999488e6d25301f294da3d51e631138932ebe

    Download Submit

  • memory/3000-2-0x0000000000550000-0x0000000000560000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3000-0-0x0000000000400000-0x00000000004A4000-memory.dmp

    Filesize

    656KB

    Download

  • memory/3000-480-0x0000000000550000-0x0000000000560000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3000-479-0x0000000000400000-0x00000000004A4000-memory.dmp

    Filesize

    656KB

    Download

  • memory/3000-1-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download