Overview

overview

7

Static

static

7

3f8ff8c352...18.exe

windows7-x64

7

3f8ff8c352...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2024, 00:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f8ff8c3527052ad0bb14fc6d60a97aa_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    3f8ff8c3527052ad0bb14fc6d60a97aa

  • SHA1

    20fcfba0213bc696d7cdfc643017f0bf879551b3

  • SHA256

    f0def74af367901a971c313ac89212650a50b34a4c208f236671b1f708521981

  • SHA512

    d973f0924981a768dd66fbb054b02725395dc4f6e04af3e824d77106a99dafc84aa19143d83064b66e5561173704337ec986ce9f217138c3116972fb745b395d

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vr:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bo

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3f8ff8c3527052ad0bb14fc6d60a97aa_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3f8ff8c3527052ad0bb14fc6d60a97aa_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://d.trymedia.com/dd/iwin/1h_pkg542_ge/iwin_fenomen/blissSetup.exe
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2676
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2624

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55edde36350f9d95e43ddcd524353256

    SHA1

    1d237357f69e5fec7158071422c7c2ee541a1ee7

    SHA256

    cd39a5c735ddf876a14355d8e3e01187d2a6a56a7c3cc848d8c93d4334dc0516

    SHA512

    c09f13f100427d38508b09170f79013a5fe3cfa5e1ec7920268725ebd80ba2dba4c6b9002a34f09d914aade3082874e871d5733be8b47e33a28714f9a9d34f8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5e77676e0db8f667916d3e1d3deaf7f

    SHA1

    13204330d367d3b06a7c302dbb3f45811ebca9b1

    SHA256

    0e89ace94e4b326280d433651403ad5dd3d477a5af847074f4afc545699bcd9a

    SHA512

    0d06e3245a33486f8689a827a9deda0729ff62cae9fd970c5aafe3ea249e0aa4a3c661132d768fa266592a92d8c3d9955e0e3d4f62f547d13c062673aaf5af33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f37653cc2faa62bb4c0c2c34c721ff5

    SHA1

    01a4621a5781feb61ee29d1b31699ea5fc41c6eb

    SHA256

    ecddd3f8a4581a5d0f093ce375cef7480c88583971faf4dd67b29212401f3b31

    SHA512

    26856610e2d4d104975715f2508452e072942d14989676e0ec7d589cc5996879de1b1f278c019bf1df8c05e0984deeecf5e13b04d2b0cb5eb25461bb26bb2d51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1b4913cf127e5e8b0656fb0a120a39a

    SHA1

    cfea0b137ed5d455c7add46be2be03609eeb3c68

    SHA256

    c8a5c9fa87f7facc72823dbf1cf06b363fee5acdfb4bcf31c57ecb1f723dc256

    SHA512

    e38b7e7a9f377fa3d2f56ea95834f81de221c89f16ccf17aa456cb88cf7d78b57e41e50fe868cd4ea1ab12bb83bdf61f01410674533f13b3820d80b83de9beda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b4e53e35ee118b19fca54a65062e762

    SHA1

    7534f003ad54651f0908fdff162880d9b1c91af1

    SHA256

    f802344adda5bd2273ae90798a8802c8037ec343c0a395cce6a5ef4c60e19aa7

    SHA512

    3b81760193fd837f40961de550bc3608f5b7293008f2669d7cf99d69447cd776b51536702ddf881bbca21fa407d99ddd1176bffc7b588847196f3877bbd5cf1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90fde138d357d3d04df77bb972f0a6bc

    SHA1

    62e28bb835f255f9e598e34b8ce26537521705de

    SHA256

    a6e7f07103f716a5af7e7909a620400f2e9a678070e79f6e017b2bc88aecd926

    SHA512

    f03a20428877496b9043b1a8a22545580e39dfc11a091d0b32b5652696925f6642a8cee5f26ae21b49f33b39c82f7a6ef21318a8e0326842857dba2a602ce06c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d5389bb2f4f940fe37c3bcd9fd1c2bc

    SHA1

    5fdeb83ff73934f90b040f310ef8ac57d6580b81

    SHA256

    6b793eb0fe8f76c0e8ff6d1b800e6cdfaddf3a8c0cfb561f6970829ed568ec8e

    SHA512

    c9731856997857cf8931b4df23f0b9f2bcc6d6e95d30242c1c8f81904b2126b02bf0dc1f01a0a244ee7fd49f30499a0a6e17254f45343e7fa247a68756170659

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1871fc5e905ecd93a1d6b74dd97207cb

    SHA1

    8f5d92d3444228b05bca5293625988409e7ab27a

    SHA256

    0b30de5f8fca1b1f8ea58a462b375ee14225a08b9ed2f7b1bd1bf44a0ebd9e6b

    SHA512

    3aa9048826240a66dfd1542c5bd4ebdf4750f3e1f10cfff5ddb9bb5959d7e6cf3da290d1529709de14aa8e27fbb3dfd76b2018ebc6f5b5101a479c199c303738

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad50ab61a695c9b5496cc754ee1d31b1

    SHA1

    3775e7c9360fe1e062c06fef175fca7830310b72

    SHA256

    b5fae6f203406802e472202d488a081169cb6af17b2f2acecd16973edf754053

    SHA512

    631ad425b2f83efbcf5b5a19e91ee7152d461e62e605676ba4b08b2cfe04325213457b84d4470c6a52da8b04eb86b28335b275ecef55d07e685c0c67438b205e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9193913dfcbdc88abd773c48165dc23f

    SHA1

    1bf6e4a6b9b514eed32455253f611bfa2371303f

    SHA256

    a7aaf7244bf5ef3177ac088eb747c8624b9c04f5d2cfd6fbfd3abb4a3a85028b

    SHA512

    995596e40a0256731fd126aee35f0fb26db213ade7c85b1c3edb4562796f14f54e99a91e8ffc5f059ccbf32d440530266b038c8b72d9d12640ff35696666e5a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19244f3c6bd636ee560efcb5b83a2ac4

    SHA1

    19532b7b57d8bf04def3c641de0480c3ed2f26e2

    SHA256

    7db4cdbd7d78c68a77d44aed0db9f9553f635ac676fc1a4c7d583ee650502014

    SHA512

    c56bb02b3fd98ccac4c475f558cb7b35d4a615c6b32c56c478692d513824f5aed645bb3bbe25a808521814ca62f947e21b4ad8167855306910d9925ececb5f4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    818e54de2db24eab5661974b3d1178c0

    SHA1

    2b5bfb299c93513678b90f434bfbc4ee420b7499

    SHA256

    646f370781afd34713e7e8c7204d15066ac91cfc3049d0ef0cf06898495fe744

    SHA512

    937c8007c514cf201efd1dffe07f1208f5a26c5189514ab21919c28cbd50f2f13bbbc55640cbcf6847183092578f837e850ca10c53aefebd14e64edefe781069

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df49af7cdc25fe885fe294a9148ee1c8

    SHA1

    d181ab44fa54b99ad42861b5929a22ba652ac29e

    SHA256

    66a5ebbe81f5b987dc60bafa82dec502e5d4bb14e08162f66cea64caacd9c899

    SHA512

    e8a2bf53f4c65881576f32edd27dd1a43e4fd2bbd30817e80231b6106cbb196a82f17f6b1af6796828c42803476662c44f93307db26cbb76a8d17b6603b0ec0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf492430dbf3b6792fab9c8dba79c754

    SHA1

    2074fef26fee8961cd9fa0c1e4746e754240d061

    SHA256

    0b5f6e540a665f0a24eaf58d3d8a24fc837e5f7ebdd48aa5a1c19146bda7ff92

    SHA512

    c7de45761bd236d041ee2738590b383f4a4b8f291ff0624949a0093168914a47add38d557226f481ad1c600010a0f4473561be93bf63c091b33e9cab8736e283

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3684da7f55830877b3ab8277e3c388d

    SHA1

    fc8a3880421c41bebff9d81cfd19c195ae9a17df

    SHA256

    50fd8a59d0618694242c1f5c15bf33c82b8624c07edd886cb458d71bc9d679d2

    SHA512

    3a75f08e81a9da950062c99557ae89b1b27a370fd2a903741451414b24cd0e8e0e9211a29b26797aab6775b3a6d652ad9fac6c2406b466cab50a9e7aa420eb1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1786314f2742ab91a5ff74ab662e587

    SHA1

    ca30277b924f7bdbd25da613e02f35468720fb16

    SHA256

    545f0a82e51df3cf19ded7cf7bef68e50ebcf1a7af40d2a07e3fa6532aae7570

    SHA512

    d16319395e0cda361dd8c8fe330b643ae5d11169318595ae67bc4cac2aba259bc6e3347dd23b3bce99a6d5cf37a292912a3dfa0ca01596819c8b7ad44f53bdd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4168906da2b8e01d3f4d14a20dd0abc

    SHA1

    dd6b8445cdabcdd48ea93413f6a262e990ef58be

    SHA256

    bd2d969a332b5143a6172448f63fb8d676b1a91c56bc9c1a5647da4e1a77ffdd

    SHA512

    f935e523ad1b2e542da7dea80fc6e07184c306552e7bfbacdfc15634885532b8d1220c85d3c168e4bb295066f036c4a621d6f552bdd5d6d6baee69b7d7472ebb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    587d979b62ba320fc8a939bf3d258d78

    SHA1

    afd91e787950938d821658bc811f9518336f89c3

    SHA256

    1a727490489ea5dbfb39912ba53efcde9bc3016f0f88d9d6326b4bcd9b72ea91

    SHA512

    4a979e86ec1e5858d930a86479b89b69a3f5adaa0e3b55229760cf7a70a984176a6dbe0922995637d8104719ac92a2f216ceaaac02dbd0750297c9254fbb9e5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8054a65c8548c2267e322daadd740bd3

    SHA1

    2f94d91351bb51f7db521130fe2af4f4e5a90cf0

    SHA256

    bd6d9d2a56c15f1bcdd70720405478ba2d24a9350f03730e4d9b924fb95cd41f

    SHA512

    79670c17bc7e8c548fc2b374bacbccd5fb07ee9bda076757a9758962d05e517ffc89f5ee5d01e9a70381efe926c54f9fc6f936d14af2c050fc45ccf2be769c14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b71328f1288b4f28ed64f1979d9765d5

    SHA1

    8106f3eee1a8aaac5d1527a584f3c5c319a41000

    SHA256

    64fc54153b437608e0d4151d667aa7d46924cca6e67ce85bb66482ff9e112ac3

    SHA512

    4293c209cc9254f809b57364f8818625afb3faf5d00abb36de04f987a5b37aa324ed568c0a3bdf5f090c517392400cc68285b69cdea3e2916524f6a4e95734a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27b523a60de30916714cbcfacbd6bdd5

    SHA1

    ab82c098678211c6c0d42a72025796c45368078e

    SHA256

    7a1cb87d2168e54a440e782b04aeac3ada304146032263c39f44a89eb31fb798

    SHA512

    919930a1aaddbc501d376b1860e30a7ebf196e13b3545aa3fe14485990fda1424c3c8e6828f69dcc2aede38cb22daaa0968c7f5e335798c92dd67724285c8609

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab36EA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar374C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2872-0-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2872-19-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download