Overview

overview

7

Static

static

7

41003d52bc...18.exe

windows7-x64

7

41003d52bc...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2024, 08:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    41003d52bcd4b345a0b46f337634ff29_JaffaCakes118.exe

  • Size

    28KB

  • MD5

    41003d52bcd4b345a0b46f337634ff29

  • SHA1

    4cd3a604b33b8a681d49ad1b17b35feecc7a11b9

  • SHA256

    19e389b65c2c2117b15b2676de81f4ffeb83453c48464eaf5187a91f28c1b5a0

  • SHA512

    739b277c4095dca6d298cb2b813b939e3adedb344df2fcc7b2bdc78a24b29c7fb93c3a16ab1c3ca944bd7c8b35c7bde049779b034b8e3db9ad3664db3b9bc6c0

  • SSDEEP

    768:rTYsw08IVCRdhD/LctvZG96C6Wy5WJu2z/4:rC08zRdhDgthG96J8/

Score
7/10
executionupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 46 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\41003d52bcd4b345a0b46f337634ff29_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\41003d52bcd4b345a0b46f337634ff29_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2144
    • C:\Windows\SysWOW64\wscript.exe
      "C:\Windows\system32\wscript.exe" //B "C:\Users\Admin\AppData\Local\Temp\ZbdwRIsJ.js" "C:\Users\Admin\AppData\Local\Temp\41003d52bcd4b345a0b46f337634ff29_JaffaCakes118.exe"
      2⤵
        PID:2752
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2756
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2756 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:584

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            069868aff2f236001133ccb480aca42b

            SHA1

            f340f8cfebec44c33913b9397705a81a98b48ecb

            SHA256

            9f5fffc244a62c5fc09ff4dab0a558b130efed5212dabf0bbbf64f75e8ee580b

            SHA512

            d8e2eafca9076ca26ed209926a96408d3d0115091ef2acf0f3005dc29a5c1810024f98867bb101c6e622411464efa34cfa8f85bf008e47956d6ef912e8688679

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            a0424181c3c5803b0d4d92fc1e1d2b71

            SHA1

            02ba20f545a6ef2768bebc823195cd4a3b0d0981

            SHA256

            fa5d34add45e05e7e9d1346bc71917f2f1adabf8d7c11f0c007576b316b3a07b

            SHA512

            e1850d2459714f6a810040ff5a1b79de9036320e0071197a431a0ac6fb53d261e9dfb3dfe25e376eb9385842de4941268745b05bf3f16e9a13c8df28ad5ffbc7

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            53f814a7c9e9648c204733a96af4203b

            SHA1

            e3936868d30b43b24ea353a7334b8b2033a28799

            SHA256

            7f59bcaa68e8d36f6c82b8743985a11a2f5c1898f7ea21d1a377d14f16430652

            SHA512

            0067a89eca16e0e9e4fe27a75ab2e53e3bd131972b32ed87723bf608a0f4d88ab2c17c0b32706768d91ff48aa9e25b1816a22c235891acf2818bf3ea8c6e6333

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            35e71180647a234c754852bf85abc506

            SHA1

            d6ee3f6b887c4da943597df2a1e94791746ec8a6

            SHA256

            5152806588eb8350e2e2b06170a146909fa656d7f176cc11f796981794b7b59f

            SHA512

            a4aa96b2286d240b96c75f06aa1e2475aa81317771d6c2e11bcc4fe27cbbdfdf868f37170c6d306f7df228d60bcaa3962f248e88272dc0df6abdc45c9d94ee0c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            ca6344eafaca60c6af8f82cc59c162e2

            SHA1

            6e5fcb76b9342709766146fa1425184c220b9f71

            SHA256

            b0b58681707a23c97e15251b47515904e86b959a4ee43f96cb1d34d7d47faa80

            SHA512

            68cada7be2383e5af4d3953a957bbfa093b577d00039cb011ce9dbf829ad53407709a783620c7bbedbf4abc305c950904e622c5819b4efb2e08f0c7d174ffd20

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            da9bc3630b289fd85d4d82028d231ce0

            SHA1

            ce004e409539ea631087c30d7d7303a02f6131bd

            SHA256

            a29cfd6dc46ea36742acda8b36b0af06d5f79d6d751dda49a9c69dcf69b00396

            SHA512

            9015759f70a006c4e8a86e76a27c09057f03bbfecafb37b40998e2277a4c5754f9f70908d9074e39a4e41eadc33b4a19b61b48b03ef2d6d83035e1f8fad8725b

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            4b79202300d8e6db714be5a6b0d03b7f

            SHA1

            9cbe8572273051b8e61c5d022f1b6f804d091b5d

            SHA256

            4bb7505dd46719cee6ca487139aa2fd5c2afb4dbab99e7fad8778bfa19fa03f3

            SHA512

            57f4c1d9f84b42daeeeb1b6d63da8babf2b97e58c6810c56af7f1f2a2d9df4c9a34df7af1b01dd7ab5223100516531793f8ae27cc1e86358070fc5d472e86e7c

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            4058bc225f9e6a2f8e236ba80278d368

            SHA1

            52576bd9ec267e612f5ed86bb310e1e5906acfa3

            SHA256

            240a10c4538419b041e6f41e075480631ef49ca6f0deb64aa3a2111bcf464a7b

            SHA512

            37779a4d7533ff61157a9621ee1ed99622ae09803ee474e550eed4f05b9ca098bc0e36e18cc01fe62662dbff9bdb76e0fbe2984bcfe47535fe96e70f60ad2938

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            b958e8060e35e75e75bae2bc1f7a3907

            SHA1

            55a0149505bd078afaebd0be1b4ff4b6c3c3c90e

            SHA256

            25c991f7fd68f7cd7842434a2e9c1d73206f558232040e961caa2105c476ba93

            SHA512

            a79992ccc3c172e80b050dab27f704883b1dc961b0c0965f3762d456f9125b43b03ec337adea5eb0d7557fb080bd754c02238a42925c17c8b4e70f09ffa83b07

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            d3f9be9fff2d3890e9973cb90d51d4b2

            SHA1

            4e74e0660bfcb628dc6bf3cecc5134917c5c4cec

            SHA256

            9018c6d60b92fb1f051ebbcc69e05be7a55849c7b6d99849d736d44242dffc7b

            SHA512

            3802809da69a69832a4b0d492e66922fdb5f6e913aa3f4d5e73e50d259afe0ab4b544e73840ef768492704992f8bd3b43d6af3d1708f0f9bc24c52b71e0f7154

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            3ecd63ca60573d4a48c7bf95ebb94ec5

            SHA1

            9fc5c15b7a51fcf57040cfab5a46d40d65e5eca4

            SHA256

            55cada93d023ef1cd8d76c23989383575252444cae6ac12a65044d40d5557c8b

            SHA512

            20db722f91ef2d4597024d6d30e7ece025db86a4df517c93ed6e685c91548d740f092310bdabe6f11ef7884a31d99f2d440df3ffb8023514d9fd55030af3904a

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            c64316ed86e7ceae67d7d61ec84edbd3

            SHA1

            0fce910f932aec913bfd8f49048ef2e8df45e25f

            SHA256

            598320acfed33b4aa2f7bca9c04eac272e9d219e35d6a3c0d5349cfca6c989aa

            SHA512

            59c5a3923b8ba482d378735a175d3208c919456c2057ef5dd492753db9de07a178f61a5ff79f7ed5cf8f2f3f7a3c76ffddd075a70d8a065eee52b82d4f09eeda

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            1ac2d8fb2545c12066214d40bb79100a

            SHA1

            19f9ccf53658f6fb6421b76cf4e99b71451cc4db

            SHA256

            fdd7caf657e172b20ba53e8aee75f21326a4ce308d22dd31642e194c59119244

            SHA512

            40927dd8d3d70d1ef9b6ca27861380ceb25da1607a7f17ac21925e7fc2bbcad815b8bb1ac21bd77ae711304aa19c1fadc7e2fdb934cc16a6afa7133dbce21c04

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            7ca898561614be0419b64f397fa7ca67

            SHA1

            5f249ce92b0413656439a9c3dbbbd421f177e427

            SHA256

            fca9ecec8c80171f13758026660923ce5f93f12a7ad2a837f7ecab0b9ef9b991

            SHA512

            510d2f67d4c7b2e74e9430fac03cceaa80c73994817937de491ee297abcf2ef6e9f231e5a02c60e94bcf99fbf445a90fd1d013a1ebbf2537a109718ec4dcbddf

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            5c0c9beb0c5eabac143791981d3df907

            SHA1

            b3cb1e47c88f899b442ecc111fd4e9c1dd7b0121

            SHA256

            2d018656bcfa21e85fac29d4fb1fc5d5c135d6c02172a3fbb094a2ba24c4147e

            SHA512

            71718c5fd16d7aea2ad34c31bd4162ba1b6873e3b0202b5f7342413699a2c5444735adf2d9031be44a7a2e90cea7edc400a7c2e2ce71e9c8a1572f205aeec3a3

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            02aef487275948fb48604300fd7b4fbd

            SHA1

            8dac6322243fa3b160a78b5eb42c7f2a2ee074ae

            SHA256

            037e186857ddeef95d938feef0b3974ed9aa2c5b583a196f011a1ee00e72b673

            SHA512

            9eb54ebc540d9c876b051fa7a1f4891797e946c55692ab705db001a0f336002f9137c3389cc0b5da06a1fa387517a69132b1a3ca91f52340a97f2ea528f0ee01

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            f610e542d16de391ec3f046715f8d349

            SHA1

            0e55078317c4b36aa17394281c3335c54913eb92

            SHA256

            1d91b3c3210e6d4593c537375fcf2ecbe6b185de19b2c78e6e2837dbdfe8ef8e

            SHA512

            0a76b04e4d566a3d3f7d912178e2d7c526a4f78c4bd53e27ceb60bda536d7dd75936c6a0e30bb756d891d703939cc8c8cfc16fe4ddeaff4b5c2333f50001cfe4

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            688d5f178ce19c6947da6c68a68bf6e4

            SHA1

            5ae937fc7b24020de0665f382e58bd63ef8f6804

            SHA256

            17af67b0d4f8c338270c9aec6860045ab0724b18787761a76fc2c46514ac1375

            SHA512

            affd85e6088c6017373ed4c7cb10a52e0acc104586887bf7fbca2f0682578fc0c09aba97603e13f6f1439c8769190d0cb652e36a5f2e459641d0decfc896e415

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            26ed07f9fd51100b53197313e1635c56

            SHA1

            42e2ad3c8e39def7da5ba6f0f9ad814bf6204910

            SHA256

            593c034d1d3d532e01058e4091737e114df5129552c2d4cdf6b6dcd51ce03b84

            SHA512

            b0b825da4ff0260797c65aa60968e791e9da67c064809a06147b75f096b1e51d65a9814b9e0268ecfcbd8b3ba0a7d873eb52e1fa2ba355120b980604f5300f52

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            e9075c614e3b6d630b08453647caf108

            SHA1

            5934f236331b8fac3ba6c8daa5bc86fda1ab8557

            SHA256

            cd493e2b68eb210404281945e2dd52ddf85dd7fbbbe06f144469899a02294232

            SHA512

            cddac427dcfc7dbf137dbbd1e899b7635a1b12b906842e604a1db905e5287155761d23b0254e23075902e35ce71deb0a293cdc057e32a658e80f426e6f6c6839

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            342B

            MD5

            151245af31a037868a3167300342b849

            SHA1

            bebffa7f82d20abf81d56a16f98bc9203d19a3ba

            SHA256

            b836bf70f67e58ee4ee3bef7590706a26d1e4d6c61c6372dc485d68b458afb07

            SHA512

            f3336fd54b996661219d287344846d14a43e32717d660974b096964445f2edded3ffbba2b2c9c3e624c9ed527caee1939691e3f279452d90e4f0b78131bfae29

            Download Submit

          • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCY0HBA7\favicon[1].htm
            Filesize

            291B

            MD5

            b73189024a094989653a1002fb6a790b

            SHA1

            0c44f096cd1fec253c1fe2fcfcd3c58fe05c402d

            SHA256

            014c471c07b2bc1b90cf5b46eb8eb60abe3ac278e43cd8fcc7c4e6c8950c592d

            SHA512

            1bca726835d33847812060c968e5306535f513429de5c90d66942155fd42ff75508dba97da8ca36c6d6e6a8df5a2602fe3be047bb5612ad4e367c6c00e1e50a3

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Cab4625.tmp
            Filesize

            70KB

            MD5

            49aebf8cbd62d92ac215b2923fb1b9f5

            SHA1

            1723be06719828dda65ad804298d0431f6aff976

            SHA256

            b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

            SHA512

            bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Tar4628.tmp
            Filesize

            181KB

            MD5

            4ea6026cf93ec6338144661bf1202cd1

            SHA1

            a1dec9044f750ad887935a01430bf49322fbdcb7

            SHA256

            8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

            SHA512

            6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\ZbdwRIsJ.js
            Filesize

            3KB

            MD5

            8fd22e977421302abbbc6036a6ec26d0

            SHA1

            6b2ae470cdbf93f4077c7d8bda43e67e7433bfe7

            SHA256

            46c9602aaffd42ac67116e33d6196bf6b625ebc64588d6c9d057d9fe580cb39f

            SHA512

            58bc9cc26d7378ff127f9c2a58c02d3593c746adc4a097d337ae208c1cfdac29f8da6949b1aa306585c885afdd4eb460917833192324776e7d55862adad58aac

            Download Submit

          • memory/2144-0-0x0000000000010000-0x0000000000029000-memory.dmp

            Filesize

            100KB

            Download

          • memory/2144-3-0x0000000000010000-0x0000000000029000-memory.dmp

            Filesize

            100KB

            Download

          • memory/2144-4-0x0000000000010000-0x0000000000029000-memory.dmp

            Filesize

            100KB

            Download

          • memory/2752-53-0x0000000000360000-0x0000000000362000-memory.dmp

            Filesize

            8KB

            Download