Overview

overview

3

Static

static

3

469eff61b0...18.exe

windows7-x64

3

469eff61b0...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14-07-2024 16:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    469eff61b05329a6d5958ce98a0fe7be_JaffaCakes118.exe

  • Size

    167KB

  • MD5

    469eff61b05329a6d5958ce98a0fe7be

  • SHA1

    e6c38855538fcbf3641bf911811ce5a83a6ee341

  • SHA256

    73473f8738372696f25de887def4987bae160467db45d6b4cdef80eec48d788e

  • SHA512

    3858e960c9ad0a3ca458833c8a59bb2f80d8a4dd4a2875ddd31f2e5b85aa749ff93dcdd5fb9b0363c4603a03a1adc89e8ef45ea3bb533d59bd6a1cc59a95b60c

  • SSDEEP

    3072:KzosMc9kHeXRihnGTlyzTNpDC8qIFPcMBkH1fD9gNLmVEeE+zKHmjqyS9BRqKY5l:NiF8SlyzZpdtFPIH1fOZmk+JjqyS9B0h

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 44 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\469eff61b05329a6d5958ce98a0fe7be_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\469eff61b05329a6d5958ce98a0fe7be_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1008
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://google.com.br/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2964
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2904

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2913fd537bc0485353f0ff613ae89ac

    SHA1

    8309adca542198513b3061593218984de1c14f1a

    SHA256

    9aa963eb964ad18966da3b3d16ade08d873d4dceb829f74b56314835f47d45f7

    SHA512

    9c6455ced44d4a87a515998f7a830b92d3ee6303875c81e94554208f4ca6126a0f8febca63560b9f3b12a3a95f0a6086ff6205c02e0c85e9f0f6ecfbe65d3ed0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6921e850d4064c80f6dde5e45efa53fa

    SHA1

    9600faec0df6dbdc9c7e4611cf86a21b90236b0e

    SHA256

    c6eb0d522ecd5351013758b431b8c228356b0b2e2154c3b2eedcd88327d1a133

    SHA512

    41859d40d9da291473031d50ed47e9701756f9fe674c25f436d71b25cbeae868dab381366974650b8042412b2e47e53e453ef2e4fc78d8f43b2826cfe1df165e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fd7d58c5f3789b3cede0e0d0a9d9e4b

    SHA1

    91c271257736f63858ff0cba665fb44618fb4a27

    SHA256

    09f62bf8240084dec715564928d775d752b4888c5bafbeca2f32344253605318

    SHA512

    ee30b0c481501b268919926c0d6ca96b248dfba1e9bc1bcd56566bb1830c36e3383b01a28190c650201230ff0b1ced64fb968b6e408abc2ade5cc2ae731ce50a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    859a5828903ce2df20d2d0cbf44a4562

    SHA1

    4de5a2eea70bce28d6e4b51a05d4e87485fe2020

    SHA256

    d077f0513eb46b038d7df78cd80681fc527d4abe8c4a44368f9b38d670b3cdba

    SHA512

    10cf044196e20aab006943b1c0139aaee0e10e0cf8f286152494df92586f65ba9eb77ceff6a1f0cd38e4d871dfa98f63826d81d75756090dae451c947052f522

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a905d706d3332bc60c209607caec3a85

    SHA1

    0f4c749b35dde594aa17af13ce4992daa8e31601

    SHA256

    645b79a4d043045f021f3b35966f347493318ff33f3162fd7901f437cbe8b6c3

    SHA512

    438fd5fe14b97a3621d1e6372afe81542a52855ae38d45090ba8a751519fd982f923c3d5a5e5e3e291fcf6484688d845021786ba9ba5d428a5b9c3c72ea9ef81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    446554b4c0d8c9b73de147dab8aeb669

    SHA1

    828352fa964e1862de4595ae250a26196adcd49d

    SHA256

    cc1223f375ac407d6a515dc3bf474250e3a454a2dce196147d42ce0874bcbdab

    SHA512

    b7291faf91e3a034391d3dbc0ef30178f472bd404dc2c720d1c697f89805e0014f66f319750af25018cb03817539cda33f8444ea8111ea178916762afe6c5c68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9481738ccf1486ed2a9791de4bd6064

    SHA1

    14af7a3176799c4cb55a298b950c0ec5d01304bd

    SHA256

    9aa2db5c3a2d4d9bec4bd7fb6f406e904851fadcebcfe22f70532fa6f3181aa1

    SHA512

    dd43c76309e34ca131109257e38df5c7729b1b0bec1793dd599216b23504d69c6023b69b1a4a5a73053b35ee3d1ee94fea407d4163f7a24d0f230f9f4c68ab2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    856cfcd8ed3d7457a0cc0452b01c794a

    SHA1

    cd2cc7694d4bfa64500a822e5d001e47e977eaa4

    SHA256

    a0c14e6e0d213e8254491de3cb16de1cc8bde503abbee220f7b227b0e5e8c317

    SHA512

    24c8513a718992f49833e5328e1736809d7b4a028f2b46cd2a077c3dac8c70ed53195a9435303c42b77901dc921235f4e5ed303ffb246131d17d1130e6cacbed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2547aba8c626d3305c3ccae778b1c68

    SHA1

    35a4bdebd40be82a8d3655f6c943ebac5dde6aaf

    SHA256

    6b41f92d4a3da00908626c255ffa59adb4ec2214ab2165e63c0a34a0c97efcfe

    SHA512

    8991e42c84e298f0feb469e04e6e0c04943b38109c8d50f920bd5f1e2e570af1f3cb5e610acdfd02ac388f2098549ee2fab72591556054126d172de956c9ee64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    066237a6d94ef3d96d54bf0551e3db9d

    SHA1

    c9c0f7065eab7ea7fe2426195b94afbc2b29fef0

    SHA256

    613ece63a9ef4e919abb65363d462db83ba1f95e9c033858b90684269cbbe18a

    SHA512

    4f8088baac549a78e49c3c5fa1afe2d4d46d6ea8431062c711ecd42b5621befb370dbf4b8ad3f709e5dea339fa0521314f5efd5d3b9b601e5bb520c08209005e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    295109f0fb78968075f8fb410e6d2557

    SHA1

    75ff824b72e5c6fd1552b02a8fb0332902b6bddc

    SHA256

    398c4e9c3f9e7f4558b6c011531b0ee19373fce570fcbc4e88d857a7c96c7e92

    SHA512

    2d787a11edafb164d606b3f82c3fa11b4c454efc41a39c9588da8248612a59bd66a4b2b636e22d169a70a876645ef81e5a875a286f709838f99c8521b72836b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a506ee76fa758c621fc15ff2b900307b

    SHA1

    0420b18bf06930876158794b43478a74dfb0922f

    SHA256

    79276e955185c3613a17679b4207318a0f5f6f8fbff536d21b73644d2acbefbf

    SHA512

    79b9136479f0033b49b805c06ba171f9969d770cb780d58b45af37b0d4a8402825b2c2378fc979d3ea467333cfcd81db02bc3743397a5f1fd9dc8ebff431aeda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccedc5ef54234a8776ee01860a201e71

    SHA1

    58c0512f7b8033d1a2e758e68cd04cb8aa6f1e95

    SHA256

    1a226118e51701cb6c8ae06ad243c03232f1d24e3556dc54cb3fd46db90ac881

    SHA512

    47ba99af444a00e7feb060bdaf250061116835e63a22836e0773a90e53c9571dc47c2e5987e45ff11250501582f0d20d0f5b778299a77a30bf9c52f51e3cc24b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61dd5c38b887563524530a2dbc81d23b

    SHA1

    c5360a56ad070983536bacea0fec483f0433e2c5

    SHA256

    0375f9f2609e9b05c2409c0edefa4893f8d5a4228f8ee4c194c4e6e1ccbf4a21

    SHA512

    2cf7feea53fea119ab6f24b3e5d98bd01a9a3afa8cd06b1f4c265f7d2261acacf051b83413213cba5a4ed7ddf11e045c39873608265cd3e82257879734c9e56c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0654a94a1f10403eaf54f9330788f34e

    SHA1

    40c398d70a9e17f2ae6a6f64b556b3890d670ee6

    SHA256

    fc959825008de8d9172efa7d7c93090252846de48ffa8d2476060a1cda71338a

    SHA512

    2615c58acf69fb543fc5c4e0942aea3184829fdc0f7c2c6c0eb10c7b7a1210afee9c924d9b75dd9396a1514511dfaff47da1306af1c31cb81d6b5afc66dffaa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ace4c09c9ef5cc9533222a52d1c25b9

    SHA1

    6c9158086b46d664875bf8d4e2d1beabf2bf4bd3

    SHA256

    ff19cdcafc14cb97a6b27d7b2cc7b4ffc4bba407baa7790e493baf370bc0dac2

    SHA512

    a1506a4d84e67fa57084d4e604862b120bc61a9f9b0c4c2ac187f8e09c3e6acda642025144881ac9d03e3764d42a01d0f4ede936607094d334924299c4cb4cff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd7463c702d10229ab5b4e93364fd743

    SHA1

    9ea9301e4bd07b5146ad02ed8d3da72370dd0def

    SHA256

    814910a0ff1c3ae7d72855b6c4998750c6b2ac163f66fc61e25e2e4cd7e80e1d

    SHA512

    76fdac5d2ce8b4090bc7b877c2e1aa38e46c01da7a841c06721b97228f9d5b5936413397c3edb55441ea0c5cc8f8c2b5688fdfdd1c061c15332af483d77b2c82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53bcf623a3b9ddf2ea579b676ba14156

    SHA1

    14f97ca4f8bba8dc25de2bf03fc24f431b30412b

    SHA256

    ef5f3ae6501d999712a0ab5c8b8e6cefd8af0a89092ceaa518a31e87b08a67f8

    SHA512

    a14c88ed170c179382f5dd6cfb2b29a84fb95e69769e748695ae6631707e827f658284daf7dd1ef221b1d18289d2ffdbe84dd3d89a2ee0f8799b7befa3e79b13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1769f34a1e152987009e3cb4d536296c

    SHA1

    b6e1b69ba816c2af78f33dd0b62d5195ba4ec8c1

    SHA256

    6012ce6baa6c27f67f8d1c316c55efd756f81d3a630567fcf26097885200e072

    SHA512

    4032ecc83e1b655a1414d3e6f675a2af0452f568517865488f43305d01f43cdf64f0b88db808639d9ac3969d42a9fb7ac841164744fe579ac6931c2715b3b09b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\c2sxdb0\imagestore.dat
    Filesize

    5KB

    MD5

    e0308370f35e94daca236dbfa9046c08

    SHA1

    4ca97080806bc49f5eb4acc44bcd0d1ae4498169

    SHA256

    8034ec992a0f243b976d93c42e64892c2d354e17d221a77df9c4ae287f81d3da

    SHA512

    9e781d14e185dd86097a9b21b74bb6994e177b8f20a311dedfd40dc2396145cc45ff0ba61ee57f40c1bbd438cb5836b21cb996396ce29b669d725343491333a4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\favicon[1].ico
    Filesize

    5KB

    MD5

    f3418a443e7d841097c714d69ec4bcb8

    SHA1

    49263695f6b0cdd72f45cf1b775e660fdc36c606

    SHA256

    6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

    SHA512

    82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H1FOMV1\styles__ltr[1].css
    Filesize

    55KB

    MD5

    4adccf70587477c74e2fcd636e4ec895

    SHA1

    af63034901c98e2d93faa7737f9c8f52e302d88b

    SHA256

    0e04cd9eec042868e190cbdabf2f8f0c7172dcc54ab87eb616eca14258307b4d

    SHA512

    d3f071c0a0aa7f2d3b8e584c67d4a1adf1a9a99595cffc204bf43b99f5b19c4b98cec8b31e65a46c01509fc7af8787bd7839299a683d028e388fdc4ded678cb3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\recaptcha__en[1].js
    Filesize

    533KB

    MD5

    93e3f7248853ea26232278a54613f93c

    SHA1

    16100c397972a415bfcfce1a470acad68c173375

    SHA256

    0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a

    SHA512

    26aca30de753823a247916a9418aa8bce24059d80ec35af6e1a08a6e931dcf3119e326ec7239a1f8f83439979f39460b1f74c1a6d448e2f0702e91f5ad081df9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF125.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF126.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1008-1-0x0000000000220000-0x0000000000222000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1008-0-0x0000000000400000-0x000000000046F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/1008-509-0x0000000000400000-0x000000000046F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/1008-506-0x0000000000400000-0x000000000046F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/1008-2-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download