Overview

overview

7

Static

static

7

4b3c0fd427...18.exe

windows7-x64

7

4b3c0fd427...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 20:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4b3c0fd4275c1ef078ffe6a0a5a7ada8_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    4b3c0fd4275c1ef078ffe6a0a5a7ada8

  • SHA1

    5c72ecb394d749d219c3df88e62fbb4374c8e210

  • SHA256

    a3db60f843c36564b8fc51c1e1408e35df535c2c4820032136df3f8628946439

  • SHA512

    75f4423c240a22279555d9adafcfa5a7a391c959fb0095c234a0dd07f9e8bd884f418480054bb180f649cc9ca657053f369b60f4731ed85c394ae973203eadbc

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vM:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bN

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4b3c0fd4275c1ef078ffe6a0a5a7ada8_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4b3c0fd4275c1ef078ffe6a0a5a7ada8_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2764
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=773
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2460
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2460 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2272

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          68affa80b3bbfd832deb49b278e818b7

          SHA1

          bb8ae2d12b249d051fd7c32bc7059311af669847

          SHA256

          50ff612ba4349e733aabf2167ed70b31092ca286a22a369418e675faf778f0a1

          SHA512

          4bdf3e5673e2ccb07771fd4dd0f2feea8f00330758b56a1c4e3bcc421642948bf58ecd03282acb7ed5fd416241a85fdded1256e390d68fe47ae50da23b83a069

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          48fc77714b41267914edadecf305d80d

          SHA1

          494c62cfc5893f7941912ea66656d78db5c2fd54

          SHA256

          c79c4554ed9da99d1d4ebefc4d8b5aebb184fec235eb12753ad0aa268f5ce136

          SHA512

          43041108b17a41e7ebdbd511543275035b74c1ee8cb6c215b5aba0534df6568613ec603b9cfce793a70653796f65e84daddcfeaf2adb7fa91f61de5df6985de4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c963557556eb6cd5eae939a5b2690069

          SHA1

          994d4238fac4148a79312a86f8fd9015ee490f40

          SHA256

          f0a5b7d2b28fd334e8f168d7f2887859d1327d3075e77a2a01fe96c785ab4428

          SHA512

          f77a1507dff7d8da1f0500fe13c7d0abc0d05af72168bf5476c727d4cb8ac4779ac91537cc0585dd450890846d1ac0c2383384c0354868232fce7018d18b025c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5ce0cc050ca7aca99918e2923981ffd7

          SHA1

          7fc025cd9c54820081c8f7013cc212c99dd61a49

          SHA256

          260803bb7b873a1933142159fc4efaf94d5937a1de5294097020568a0df453b7

          SHA512

          9808a861955b14b708f43ee2eb40932313ab9be544e4640b0094caad35cc60ba4fe5ae7c24dfb430fb21ffc62fdfde3c2dc522557a4ed6138e132bcaab6ac998

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ca0d3463f16726ed4864a2e8040c8b60

          SHA1

          ed0db31abf0ae6f12b8122670db8407bb480bb8c

          SHA256

          5f2446e7a6e46f70837561e725742a6ec1a1bc37dbcbd551bfaa5de71d93c41d

          SHA512

          e26bf5f330169705cfb1e4ef27aa62e32297c54937b4ed425ef8cfd6d54a3309650ab1a8b631ee5694a4fc97377d808427c8c4ab551cb6de337b1835014d6776

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          181fc612ba71fcb8113ed56b84c45b93

          SHA1

          a51d4dd2b377b3264b8a9169379946326e00145f

          SHA256

          d3e230c48f8b66f7952f4ce6feb30183d75e4e965a651281bcbafe4988c033e2

          SHA512

          cff51618d523fd4ef182b62e77ec974815ea986902e67e6e9bfb19cf1430acba964f8fbc89bb0f56e59ebd07481f9d971e619524ab1573e3c5034886855c9e62

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          faeb5a8db0fe31f59af5c609072939cb

          SHA1

          b608b55d36d27eb7b68515406994ae10a47a04b6

          SHA256

          6188487faef65da358abc4de30cd5b149c7e45e9626e3eddd60b567bf618d181

          SHA512

          c859fb34898b0c70c8c3d5f1b6ed1351b4704f624d0189a39e9af8dc0d3ec0b20b936e3160a62425a50cfb46699256dfc735d84bb24522926712f23d0bf089c0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c13d001f3e2dc47801a66d6a45441d89

          SHA1

          000980e65c7d454b78afb2135e8093ba750cce45

          SHA256

          3fc21171ca978c555a8f68dd0d0909b51be8e0c812b3f1d8b50a1722e3c0d0e7

          SHA512

          ffb220e0f91e5bbebaf67706831a544030e78d978156ad7e0ee2a362a185f633c62a74a5b7007c3a38d95d8daaae5712803c5bafd9c1f07f63456e1d474f45c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          17426870ce7852841348b2e1dc72e374

          SHA1

          dd6e96bb81e25f33f226ba88465ea1e2cf76ed1f

          SHA256

          ee70a1821acf81f99aad2723646d2fe0918b7df4c7e0953197a7cbe595254e33

          SHA512

          25bf09dabc33585b3cf66a4bb2e68bd1847850b79ef14c2f16feb2edc81aff7c12543170d77178eb90881bfaff21940a3d6a02872369197ead3eb9682ac356b0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fd046268a15ca19ad3d444344b36c421

          SHA1

          4e318325ced61edc9a40688b481a9bfb623bbce6

          SHA256

          d5a69c2309b64b97d42310ce892e22e0982b095a83f172bb6b8eadcbc6f0f83a

          SHA512

          56669353828d51dad95f77b50dace6d216ad480905bb01bb8d73cf45c3b79c62e74ca9ecfeea511dce0a5a95103aa8d493fcf2c56b89039fd98fd42626d175d5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          61ce828879fa2f1d303c3c9996faa5ef

          SHA1

          c97501d031442ab6c5d6fb0658cce8d87f725183

          SHA256

          32e845fc4f309aabdb60ad4d5387aec17a4b69f5bd2aaccc1fa9540bad6d532d

          SHA512

          3c7bcfef96f54c967586e978034d9b5cb20d6d03c2cc120ec3d0d7abb019a1e45ce139291170982c79acbaf0db8d07b4f62729c3d50d560b102299626a2ec886

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dfdcd1aa8e654548e083e0f4eebd0cdd

          SHA1

          bf906e75f6c3dd3ef64302c6b984ec167cb3e019

          SHA256

          5b62c9fd10e5648daeb21fecc754c3c9663d489ac5346c0e57689ba6812aa15e

          SHA512

          f52dfca963647c8c3562f013b5d6998226fccda4e6c08f4c3dd428bc623284e9a0014a0d8fec5251996d0195e7712bd1862e0bf0f1c52b1bbcc469f5ca5585f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e8d3dae8f11f87ed54475f5022453c60

          SHA1

          d90fdc5e438c78102c228949213c2447df0e5252

          SHA256

          2d636c3a60071250683d2115670379cb29e3092bee4cb77d2891a802ac53ca55

          SHA512

          6f7b58ec1cd6d037e43844032c554188cf62e4d7802f0cc99217011d69ce04080d1ceaf35818668ea1c4a1589fde88e9380170fcea262e4f4fdd7dc445888517

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ab8a9ec42ce9cfac324b38546a625b02

          SHA1

          0f7d82b915fe76c6aacd1ac0484a43bf6e0d3f5d

          SHA256

          cff81497528ff1cb5764b3e33e1fde51db2709a8e5cf619827b7071258292ef1

          SHA512

          bf9330b0fd7a1ecd50567e4f0dd90f437b707bf5669f8b741456e7ec4e1cfed09ce3d8e2a9fa71fc01f406da036bb18ae638068393244b3b098c40ef0ec55b5d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          85e14f5ab0230e493cdc8e15279f58bc

          SHA1

          ec6389ed46cac2d25dabeada20e3a6a5950b5fd3

          SHA256

          ee167702e18eb64c35d52d54736e855bcd2100dd032971fc11d4dce42c62c41b

          SHA512

          592b1cb6c59dc000dd497c43220978ea3b76adde69cc00c3d04ae35e1e1cea5a4d7dc7b479dbfe737801cb872cb8f4bbad5626f079d7745e87d0a1b86c02f9c3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          47102e7c79617594d148d281b6c2801f

          SHA1

          571abab403c14654ea4bb07a8ac9eadb09d19181

          SHA256

          4030708cf320024b9a3ba98616db9593b09771bf6de7420b79626a628837f327

          SHA512

          d675e6a03e148dd1db2ed6196fe3dc3fd02af110faf65ea94fe64da29a325332161d7a33c68fb9ca18a2c03db81db5d131f0264a6733ebe1fa5caee0d1855b59

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bc67c008d18d8e47682668db0213ae3d

          SHA1

          8eba67407ca6a55fd1f8999c79704a8f93c65bd1

          SHA256

          441bdd9276f3736ceb308aa781946857abdd9a103a7d1aff0d2ce6d7f61faf14

          SHA512

          8b122cbca0573817ce34f9195c11d38b05c87b1a299fcc9e4c2828bd9648c6f1a2e19ba3e318d576788c556de53bdea848a60f77c5ff56c4bb66b7f8de60a8d3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          469c2270d0335bc143fecc63f0dfccf7

          SHA1

          b32531ed7e283ea7a67627125eb2002cc9bdf14f

          SHA256

          87f637203adb6b7bb7ab3609831417c7cedb9fa01f523f5169fdf400011368c7

          SHA512

          c92dab58dea2efacfe7a5b9ac52cd28eaabc65a25efe1d54a9777b901df1ed63d45e7e141ca8f942f8fffe725da81115ea0c03cd13268e59bf9284b337097311

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          52f1e25b5b68fb0813eb501ed30add62

          SHA1

          8cc970f2db022cd6ba7cbbc183d3fb1bda4cab1d

          SHA256

          c6c196a9b0f8e76f06d33e458aa70b805602783aff4f0e41f0f0677aeadcb91f

          SHA512

          3a2ee6196062899aecac9a42f22312148bb3e1be6898325fd47661acd4b269ee665c54a3047e1d06cc19664c89bc31d4e746b355fa03dc8cba75b19eb194e2bb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab6C3D.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\FG.url
          Filesize

          192B

          MD5

          0fcf82b5a915470e8a79d3516f582a36

          SHA1

          75f81b41607905b231521243129aff3554a58db0

          SHA256

          076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

          SHA512

          adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar6CDD.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2764-26-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2764-0-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2764-24-0x0000000000400000-0x000000000056B000-memory.dmp

          Filesize

          1.4MB

          Download