Overview

overview

7

Static

static

7

43dc5870d9...18.exe

windows7-x64

7

43dc5870d9...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2024, 02:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    43dc5870d9192c626e62fa5d3e367895_JaffaCakes118.exe

  • Size

    13KB

  • MD5

    43dc5870d9192c626e62fa5d3e367895

  • SHA1

    67c98f2e03edce8e8b32ed0de688d6e13a37489a

  • SHA256

    77c7b00d444cc30e96795de12cd664253dcbefed10eae6731ef974ead8e946df

  • SHA512

    eeb638a18a4de70f53ebddb155b98e6dd6ea90c971a92c75654c5627580aef39d7c297cfb49924a42eccba947686f4232c8f94e752201a821fe1a6f04df67225

  • SSDEEP

    192:LYovIe9jdGSHlmK+Zpb82aQOhGcSBr9ZCspE+TMwrRmK+vhOrJ6hwK:b9jLmfba9hbBeM4mdx

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\43dc5870d9192c626e62fa5d3e367895_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\43dc5870d9192c626e62fa5d3e367895_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=43
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1176
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1176 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8bf3170219ddae04aa9343cf3a5f830

    SHA1

    e1e045fc465c3b8e25ac93947e199aba4dc8ea43

    SHA256

    3c4b34034c13de507a98506639ceecadc1459603a5c2cc235e742be5d1c84f5e

    SHA512

    ebb78d37bd40786c536338d47a91c44b77b5e738e815bcb0244827c6a798d5c3e8126d8e531064b4b83f05aaec3001599095e869a9a29d32e63e2bd6d104fa62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a470f78fcb45f676a30862ea11b962b6

    SHA1

    69795a2ea0298c19dbfaceb0d9ce42d4eb3b349a

    SHA256

    59e644b68936f05a8975ba48f3fb588fc2fa9aff7852ba90c7ea3eb2a11d9064

    SHA512

    f6f365af018b9f5ecf8febe4dcbcc81cc6e35aa2498ccf32290eec43b2ea42de84c9701db696832eac174a3bdaf31241175d7f7611156909a31ad0feff87961f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a2251d431883b6702c296ee1b6b12a5

    SHA1

    158f612fee4b3836d4490c539be2f3ff0f1e0441

    SHA256

    554b758cf72feb78db63f41c95e67c1b195fe6b6f952389cb3e5f0d5c7f13e4e

    SHA512

    6c88d9c279691409e78aec1f5e95d275514d34a47548063c3a1077a8760dc9b74945656a32effa221ea014846e6fe66e13b119b71e07bb52d547c979865656d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df2c5597caa284a0547a929b04e2bc61

    SHA1

    08f9182850df7d2de970ec8823e53c4fd99bd751

    SHA256

    f2c0dc8241aa8e3c0ff4e0bc7ff647b046030304b25e6a451f4e2bc13804a627

    SHA512

    cab20eb92ab9603b34e21279cffcb7bdb2ffdbd324b95aca618517ee7248cc0f38057ddb50851ddca52edc976a7671c6aee5d7352fa07b2198d3386fd974cad4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14e281bcfe833e9d88831a00025f4aea

    SHA1

    804b5af4a689fc3f69f687c47841411dec706314

    SHA256

    461dc5f0c2c1c0313244263fc9b967ca0bc8f65e0081be68cbd33b11cc8b4a93

    SHA512

    9b4112e310521da259be249978594f3ae72222a3277f67c607b98af72e1f81975899682f1dc6b3674d84818c3ffdcd31b65083d5120dc0262f4acdb5b19c4973

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66037bad5fe3330cc05ce53e8b9091ec

    SHA1

    ba763876643010eae384cc1d135ec737ce13f42a

    SHA256

    a227490480575ebaaecc1638e2f9f196ebb476e222e226b743e2b457485d284f

    SHA512

    cfd39a3c9062ae100347da451c4b7087c82c2b0216c571e6a8842ba22dc9ec394903b245c874ab006ec287d43b96246d84f4f8e44c9ddd302bd8fde98c1491c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0405a6d6dd6d3bce7c296bee25d13d57

    SHA1

    113618247a7b0a30db679b19f510b6b3a41ca9cf

    SHA256

    91093630f122b8bdcf7688adf198783a613d9acb29f13be35369d389b72ebe10

    SHA512

    6eaba5023204e83f80348bcdddf0a0b102cf34087b1155845b8122296458e9da7fdfd97c1cb386c04332fc0cdb70e6720e3741de148432d5690dba1b907eb920

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e74d2d92eb943a1d4d13e017b8c7ecae

    SHA1

    59bff1230326c262619182a1c405cd6e55b8c702

    SHA256

    d315cda05fff0f2620c646454d589539f71808e584b005ea0c20eed3630c8cff

    SHA512

    5bf35e29b2a6f2bdc182e2b9758e3f261a6e31ae0a81138ce33cd9e89a78d1ee24426ca626d8146788617065f7f0f63ee0ec2028ab4a5a51a307052eef113cc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4324718e3b69255b33fbad3fb86b81dc

    SHA1

    c11ad01a841fe348945bb3a78e7fb73639902ccc

    SHA256

    3713ae3e262ff167eb5fa998f40ebf0da395ab6aa0507dc654f40a44894a4618

    SHA512

    f970d27c5be7882033fdabf5d29c95d5ea79bd066bca37c320bd0dec943488382cdf8515112f7414de67a1a9c49975044cc35e175012b4c675c2033f0f7479ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fa55be2c4015ef5a445826690e8bb5e

    SHA1

    6ed12f39c4431c4b2c9e3c174aca95c9e243dd57

    SHA256

    9f4d26f91f28a282c35ae8e092a5cb3e2e9da244b6f29f7f14a0ab8d05cfb1e7

    SHA512

    c10b2a6a0e822a92c0df70fdef13324ac5283bc1610617e9fb9e395789aaa63593633903199f675cbada25ac2d91b188f3e5f8160d540e458ef2faf67bbc8665

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69f7388fe91cbe1f11a3de5c2085fb67

    SHA1

    faa11e4e694fe0e17822a48e912c8b502875d402

    SHA256

    b070422788fe87b8ba4ececca6db8dc1f53ba826d685886a1372e393fd416616

    SHA512

    019fcb88a79c008a937ba3e29e45906512d86ad64aaad3f0058f8a4bd0863240c9b706f7a0125881c1caab86ee643885ccad617cab8b04e2b8a55126a22b5cd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50a0ef9f89376bf5258e3e8fc87ee63b

    SHA1

    8d6a4e06192bafaf832c69b072f3cbb3592c0550

    SHA256

    a25e1da045bda573fcea1dfe94a482a44591d5a0e14b3fd542cb1abaaf6b7c69

    SHA512

    e575270859b52aed5cf427cdf809a5cdc8bdbc379269cf567b6f8464e8126ff23744175ef66d8f356f203aa046fa365e764b89893040fe3610b5ee6da3ecc98b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    337d27335346014cec09cc76de90a8ab

    SHA1

    74388512b4a6e624aa5e141a805fd9c470063509

    SHA256

    635f822d0e3766430388e38ead496b5c863fc7db2da59562ffbb47b9baa3086e

    SHA512

    ed083f6ce227a93ada63513dd9025a6a1813f15ca886367391dc251b0c376c24d11287f41db39bcd75c7034cb50e704020954f6ec57842669eaa3a18b3da0d1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6bd2a0ff647b5cad8e0499c12e7cd06

    SHA1

    eb8dc0c37cd3e7e0bee627cddbdd2f93e67ee0ed

    SHA256

    3ad8747b9bf469b4dcc3c7b4d0ccbbe6ad0f14bbf7af9bce609813199f97e18b

    SHA512

    e062ee6ad8775cbb1ecc9e52a152cffdcb0e9a610b52e7ae3e3b8cc1d2151e2f060b6a8a792bb7015e61afa3cf35120f274db72bfa576fefcddabbab62941e7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6168e0b2012daf959de86b3534b477af

    SHA1

    2b7f9be5e21db81be4a8240e3980b3d7f66b2eca

    SHA256

    14e765890742c88a1f58eabad816595e01ead4d5530f3f1974510815c74f4fa9

    SHA512

    cdd45a9788dee06ad411804405b1834e78f7310d869805443b96b10b3a7de7d442e97b79c8bd33e8af54bf02e616e3801e05f94a36004ca9b3bd8c0d23e5064b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    facacfa45449122317ae9bb4ac05c710

    SHA1

    fee4f18fe4d3839dab0223f08e694a3843ff1f3d

    SHA256

    0f96dad4a64d9ea1b85b9af59fe33e60561110cdc38e8842899e36a4ca668549

    SHA512

    b787a8a71a3311451436e8e6635c3350821aa7d5331d89e5c8e6adb2268cfdb538ff8698603e1542c6b670181fc3ef2d5d3a9212c201ad47cd8015bf0b4b62a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1BAE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1C4D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/3032-2-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3032-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download