Overview

overview

7

Static

static

7

3e91a5f9c1...18.exe

windows7-x64

7

3e91a5f9c1...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 19:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3e91a5f9c1a50c2809afd24bec56917c_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    3e91a5f9c1a50c2809afd24bec56917c

  • SHA1

    c8f129f42e6d971bca1598e693c090ec092869fa

  • SHA256

    2bbb9a7c7560e39946964f43f39158c79ea70cfec1c56cb1e3a55f8a4558e8b1

  • SHA512

    958be440f581766fd3bdab842fc60e71fa9afa7b587e15f7701fb7e565706a9e45f3de9cb37297fc153163e441e90d495a579f609fef61a2a350b37c2b12b92a

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1v1:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bU

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3e91a5f9c1a50c2809afd24bec56917c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3e91a5f9c1a50c2809afd24bec56917c_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.regnow.com/softsell/visitor.cgi?affiliate=36566&action=site&vendor=15737&ref=http://d0.fenomen-games.com/files/lostinreefs.exe
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2732
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfd7c29edcfa503da4b200740d2971e3

    SHA1

    bbc5bbfc97037592339a3359a13b771b7394c62e

    SHA256

    9c0e33bb1d179cd8ac843a4c716d1ebe241030999718514343e71ea2892792ab

    SHA512

    26fdce0f695567458d0575559d116eba805d2c589250ec684ab7068afb6319df396336bca94ee19fcf964e79f42681343e0d9ec894004dca83889ac7871aac1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd7b4d5551df3fc02263541b3a6b7ccf

    SHA1

    8bcb391d472331e471a0a2e7bc696e752bf23b06

    SHA256

    1063e2db869e29afc873fdce92e478beb4ef92c8fe2ff0088d764c907a889862

    SHA512

    d3cedc98e7dc619dea9f1a70eeb190eee79d232386f722054287af4fb739f153313dcfd09baa3cb8afbf1bae92d28964d615f20e49277724d7293c0f56a994d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fe1c24145c104712b449bd2ec58bfe3

    SHA1

    6f6d9686af56f142a543fb839c900a04483202fa

    SHA256

    c9d5af01983467974b3a07bebbb228cb26d9ed4d6de1b1358e858baf3bf26205

    SHA512

    7fa894e0eba6b2610b19138421a9bcd122513a7397615f9dea56da6a2b8c16e75d0296333152153ab845f519767e77bca13f692964822a8836769cc42eb0efd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91e95fc054589ee4ccae78f5dc2c3fb5

    SHA1

    48be4b80db9d3543e8a969ac6c49b6210382768d

    SHA256

    1f7e1beeeca5e26c533e905ec234e4ae296516620f5680adedcc774180d4026b

    SHA512

    6e549aa9d11411cbbf04489acdd350647d3af6ef3e8c9215b3077025ed8f9a8aaa2203526451baf5ae38ed56d3f985dce9d7f5206dac0880b380bb3ce8c092e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84af35758513d200f02de30ca0bb6b7f

    SHA1

    a42a6d2d8952696455c8d07ef9616a0f14b99187

    SHA256

    564d21c163d2a584e14e3c558500859407e7ded9b5ce67b53fb3ba7c0565b34b

    SHA512

    73abf57ec042e0a9ea8f81881af1a794c7446874ee527816dd5cdc6d56b4e9a326d9740b4b02264550c7fc3b8295ff6c3c5d32f2f654eff20db93bec88efd3b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e030b361484670583355e4044400818e

    SHA1

    c1cd5fce562de36b38f43d6825c0cefc87549728

    SHA256

    a04f15105186d64bc0c7f944d05d51edac1ba7b4963856408a39af71cd4f8417

    SHA512

    f037abcdfdbb14509df99b965d9cd26815d0def3a294e4ce3b6e5977e9e5a520385af2b03103ea02164a988f15219e8e515c83456da2ab3a4f3ba1db395d422d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    deb84191e15b01324688658d12721d2a

    SHA1

    a7e3b92567223a907397fd9a7556e232be46132f

    SHA256

    2d651bb0a958020e722096cae3f1ff462219321f057fcfb146e714dad8645b7d

    SHA512

    af1f6471c8df667257e028e359a8289a191fa696ee21d56bd27190149129ad87e495623d393d0014f0d180c54a0e0f1bcc078dcf52e484308c4502da59b3d008

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c5fe8de9f289447f41850407ada3764

    SHA1

    469ac05da1a18caa2339effcccd02bdb8b817d14

    SHA256

    bd0a6b085cd2a1c3cc703c9548e817fc724ee255a086062edbe66fe127da781b

    SHA512

    5e23d1898ab06de8b1596c1d7c32e9722fe31b66eb2e0e8e58298a3b718b2ba49455eec2c12c0165644cea275d8c5088aa73f1e827a6f9905a017e6ca600a30e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74fbdbeb682e9026ee5d91a84918ce6b

    SHA1

    763f4d5bcd429d087b0cd8eb46ea84fd28bbfc60

    SHA256

    39e86ea3af77380b9a9aad2002372f638bd7a4d99253900437e213d01bb0259b

    SHA512

    ceeccba5f2c4ba994cc2c121bfdcd5541e056a30245d8769d7ae901e8ca5de664695ec7a1ff9279621ee1f6376a07882d8a3c2bf65b7e931448894e42c9d9bac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f9f10978faf1a4787700ade81281e31

    SHA1

    96d64b7afe42183a659e1d50212e1b049fd0bf32

    SHA256

    795510458d73aef46cbb467ab7a4ce5661f26a5342b797d119cbe2d88044ab71

    SHA512

    86c8e514f4c69d5485dc49e7747c25610fabb798321e7c6228d5dc496b1e2ea5ec209bea45907be53a07840cab2955ef35c3b4e9f7359c56685665b78fe5cc43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36a2ac848deb84eef37e70feaf95a259

    SHA1

    2da54c88c6a55a24cf333d5b7ed1d160822835b3

    SHA256

    51bfd92df460de11fc19f3368a1644faabfa9bc87c2d7dfb7030b29651414506

    SHA512

    2c951c7a819a920816d14c3cf7cdaa18c5229f8cdbcd65eb24d9de0f36bca6007474d5d220dcf4063e5102a895b6f43e9e6fefeba1e563c2a6f7f99c2a6e59ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83c002c249608c135552cbe7eb64688d

    SHA1

    4e369005b1d128291a442bbd119c478c743d926e

    SHA256

    e72876aa726f86f840821ced982d761fb0f2043d41ccc88f5e7fa6de9d23559f

    SHA512

    372c0217ff42180e2fe1663cc532910e347ec0b06fdd62d782c6237f6fd4d5450b9a7d777f0bfc52b0f354cedd17576185cb8bbe49663f0c3b34e5569251cda4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eea917b2ac2599c4a30063291d4b5866

    SHA1

    8d66f3f2a6492d8606f89baadb041f472b114311

    SHA256

    77484bb7b6ef9f0f271db4742dde3f988cb8525f6b7b617b6e047d5b7e3f180a

    SHA512

    95e80e86e98fbfe928187052e97cfbe12afb2497cdba2bde7324d417d981f8373690a45836d19e5aefec4c7dc8f2b24cdeb5d7e102c34e9500b64c5343a2ba6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d6702bf54e2750b5a34ff3a9e2938f3

    SHA1

    4b8933f991f6c9f50795de9a0c173291b138b983

    SHA256

    52876229ae1a3c5ac05275c15950105216f9deb45409fa4f2f3308e529b28913

    SHA512

    e2bc1e5ecead702f83b583f46840a6704b6592ca6c70f26722de434141aa6095848349f7bd49ac8843a27b572da6fe0f4e5204d8b962c2121d8665db86e18655

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfa6656b59c98bd3c6e58e7b8dd0ff19

    SHA1

    ed483c4ffb7b6bf37dd66338b029227a1a0d1db6

    SHA256

    b1a508ca1f3cde545ba1dee0dee52379043f65e5e0ef6c44901d5d304aa90406

    SHA512

    ec8147021b3a03016f944bf7d63675ea696063242ca9ba1e42ac6caa5cda3ac3650304abe7b078831ba3ceff208cf8ef8fc3b97140438c0d3b85e4fe7cd20c65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38c1d737cc4768b56d1874bc80c0bd09

    SHA1

    c5dd0fc69d2e97cd47ebd56970dd678bde05d392

    SHA256

    e1a0f9e4f1b00f58494e3c3c483f433f96125523da4db7c8716cc8da25fa505c

    SHA512

    aa5da972302a5e76b848708e8a275d01955314e97566a40b4f4640e54d0b8b6fee2216fdd67f3c175b48dd1de095d3a6f01261a13b00772511d6f33ce9c3acfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24039a2db31f734a340166ac24bd67da

    SHA1

    6328ae0e25b33329536ce7d719b71c379e2d882b

    SHA256

    f3e1d72d5ea2d09cdd4e255938548694fb964c1ff4292e944b89e6cea0f6f95d

    SHA512

    2c93888d4f8211676fbe06c842d69f8644b6b78ee27c0f98dfcbcab1d6738d6ffc97f20b366bb559148b90f5361f8dd251581ea867c6c253242c53ed3b2cda8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40f4da4169859c1a0aa1ee2823f11f6c

    SHA1

    316d5c956b8fbc512e716ebf22f4ef483a75ce5f

    SHA256

    0e78547e81bbd071a964d1e563688e72a822aed5f8bf14115b1b7bc50f4a7302

    SHA512

    8b118fce6896f0fb180cc1e749ce9353a5823b24560ae43d9d35091ee8272568c492f5dc9e4970c690338b0aaf6c57bdfa3c60e96a942ddf3ac8fe0154b7b5da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7e575f41d7ca9a01f8ac600dda15eab

    SHA1

    be807bc10754e78823699a35b70961127d5283b4

    SHA256

    96f6ba22e406cca77021e1931276cbd049eb876f07fce05e57064bc2a60856d6

    SHA512

    3696a117669fc635d46a80dcd84e50dea230780bd924f2fdf327db5ee266797a3dbbc33be3f5cacb5310a5c09c7b373525cc4bce7db115155032f05b63457e48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e94b5e554e6d1b26896a6be2471664b

    SHA1

    d36cd5206c2d41236631eb32c1dd689d78133c06

    SHA256

    b066f2d390768efd4689a488e57e15b110b17f8d8d5daca7fa85387227a93583

    SHA512

    78023d874443f604e245470aa84881ac9c548cd4c55679de4bc5d9bfbd3bac906133265dda43b7dd7a953ea372516ff61dcb178022051be581f56c4e4c80d831

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97012d50a092cdb6316ee7bfcaf95e2f

    SHA1

    7c7bcc3d0b9989da99788fa786ce571de651868a

    SHA256

    6308426bbbe566ec520c849cf42b7329ce6a4bcc68abb0c752bb6c5c22a0ac25

    SHA512

    70d157b763810e0420d9bbfd5a13a6040f32f8ea42d59573aa0a3a13054a22dd28a9e5431526ce15cbfbfc99c213086932f4b07de95423a928010924873c6898

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab458B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar464A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2292-422-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2292-1-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download