Overview

overview

4

Static

static

3

4cdc060e1d...18.exe

windows7-x64

4

4cdc060e1d...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    66s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 04:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4cdc060e1dd75142d2d48a7edb149c27_JaffaCakes118.exe

  • Size

    417KB

  • MD5

    4cdc060e1dd75142d2d48a7edb149c27

  • SHA1

    cd15b4534a14d9ac93e1bea80d12b943f9ee8f63

  • SHA256

    a111c763951497739c83bf60558d37e97032197423d558a4be699fc67c5e37f2

  • SHA512

    6a0f98f0cd5154f6edba4aca77205a18dac7e8ce64eba4532d255361b9501651e20778e2fd0f164d0e780fdd486df3402ac6552d4a0b99b10d77882325bddf6c

  • SSDEEP

    6144:SgyanQ8Z/q1QD0ZAg+qVL3pMCcSRdKskuW9vKPoCr5d3PUk3XL:XnQY/q1U0Zr3GCHfKseKgM5t

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4cdc060e1dd75142d2d48a7edb149c27_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4cdc060e1dd75142d2d48a7edb149c27_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious use of WriteProcessMemory
    PID:1080
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.mjxrcarteiro.com.br/md=172342793128423
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:324
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:324 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2348

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bc9ca74826ca7445891fae54b0a2ca73

          SHA1

          552aa26d849c7304be65e44402930f44ce695bd3

          SHA256

          80cd9519a203ae6efe235cd50ae8956c7d220838e216034e0a94c0cba400141b

          SHA512

          446401eb4001bd993a0de7d060c2b05d8041d2377c5f692d3e4510911a47ba55e4d51730092a48722648532fc9b7fa90a5e5c8b5f3a40248285eea3e139cc99f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b21a6a9f40cf9721c48ff63849f26094

          SHA1

          b0b3f080ef81d13c530ff7d3cfa4ff20e917894a

          SHA256

          d2f0e76d2023935bdae6047aa7192144b86f3351d31425f83de563db1704afc2

          SHA512

          b955c401c93b05e8ffffb19c156f911cb490f8fa128e8b8d3678dfdec8cf886ef7547c0764d163711e3c301dba283a423b1b4f0b5ea5de09e6546b620cc66984

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d85339ae66e9a1459c8107330c45d5ad

          SHA1

          89705c4502d781f5b9afb4b9f3323f4906ef5409

          SHA256

          eaeec68b96e76cc9459c4ef0d2863ced42d3b0913fa799efaebee98745c10eb3

          SHA512

          60e045879eca2e7f53efedf6cc3760e2784ee435311533f65096d1de42521530049e52ba06b37af301d7c6333eddc0da6ad11711aa3e76c042a73f8165bc601b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2bd58695e3aab62d87f1faea80804dec

          SHA1

          ed183b60b04cbc00924129b7b8e466bd7f9490e3

          SHA256

          21506418350dc169c9eeea6037ea189b5383b5b61c244520c8b8534c346099f3

          SHA512

          5013303b512214c8ed871041238056c9c0904412700de2a3fa04b01721c89e4e375638d4156304b55dd1b76f5033b619a4dd34d735952f4744839a89c3e15ec0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          061a72ef969208fe7a8f059bebab04d4

          SHA1

          68358ed88617e4d5e8f1978d0211d1598d3ed318

          SHA256

          258233a0cd8c77b974a6e9d6f120a2fb5f4e6d10f01e621c7b5887113b8366c5

          SHA512

          1c5116c5e07a58fb2e1d6264e9c10bfece0ddaa81d208a8bf755e35430c66508a12d0654e92622b2b60192bac96266936a5f05763b2e5e669b5785a86c44f878

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          014576d1432d4ee55b206ed11335ccf8

          SHA1

          cfc25a348b40b5e9347cac0b23339f3bd2555ee9

          SHA256

          96fea78bd7386abe34931f7c14bacc0c0f831661486032bf30da62b62dd481a3

          SHA512

          628fbda0b4c058fa4ee2e05d287ff66a5e2ddd8bef74bde921d92f5a639db478338bd914fc6e9ba2c18602639c4829f30b0aea26d47b348f43718f6c9acb84f0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1ae0ab3cc76450cade82a844c193c682

          SHA1

          c37c0ffc41e5a953c7625da5c53d05b7b33524b5

          SHA256

          87879b7619222b0de559954cb3109d92d4bcc67b90fb22b9195a4be16be957da

          SHA512

          672aa93ccb5fe05f6d8c8fc6a2f8226d347ba1272524467c8a2fa3e1305fc0fa8db0d0c1bccc0590aad3bcb102452c33450ec5fa1618a7f4b626b25b78fbfb73

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e161d288b257b377e08b153c76a31850

          SHA1

          e5373f83b699b5dcc34831de176d433518ee3816

          SHA256

          01e9d8ebb4e45ec3ec5b2637d65926b43b69e35c18edb144f93f8bf42e41fa64

          SHA512

          9f162162156c608bf50f4f90506695f39e1755b64d566de071d7aac741fd86d121828004d3a09b75ea16b7667e35c5e574de587f6284b40aeadfa973da451eec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          40c13da99f9695503f21f7433ebfbba5

          SHA1

          d82b23f3f34eb86d5d8581db68000aac5f0dacd9

          SHA256

          7ae6c41865fb3efe0c8137434780316c292794dbec467c32d296aeecc63cd660

          SHA512

          36be82bfb5024cdbd7017a88df7dee1be65536bb5abef0972e40efa2f126e8b5eaf35b3545ea8e56fcfdcffc5496796e688097fcf82577eada6a26782a0aff42

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          14ca49bcdb873326aee84e7762f449cb

          SHA1

          7d9586d5c4e7db2417d7a240833d941cc0c5c309

          SHA256

          7b6d947a3a1e35372ab14c188155ab8f878bfae6afd229e6b906063fc9bf4509

          SHA512

          01f2b49ab080a3754e6134a76a81c8b02fc33e0eb8b7a4cf7814e4a10b7b5c8d1f958607416f313fbd11c025a1a32278ab7527a53c3c2901a1f5fe20daf89272

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5f8d287878a9faa71659fe9a5aa26763

          SHA1

          659a80d440d5fc95b39009637affd74b27ef5df0

          SHA256

          bd2cf859f8b0830c4dc24231420e626d703804aa21e28c151bffea6b5f731007

          SHA512

          15da0ffd6ee4a0e235b1439ace6b9b575186cac7d61dc18833351c3eaf924f18ecc79e1b82fad85a9fefe384723627110e8100d0cd8e9f38f01df0f4abaeda25

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          27985f3d6f805a906a034a062b20ac6b

          SHA1

          7555163d9c94afc9323913d440a05c12136c8ecf

          SHA256

          d0e08ee3e411b2cc769f0dd6dc2b619b6d4448ffc89eb1d1f23707734f3c9864

          SHA512

          745ad31b387519685c1b5600b4926193d45038adedadefe0a0c1e9e186b55daf830ba9546f8d4d64261755ef9dad76abb9837b50828d8e229e80206227adc44a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b46d4001e32081ebb64972f51ba52b39

          SHA1

          81328de68a5f27c30c29234815e6628925ab19a8

          SHA256

          6b923e564e2db144eda7d9ad9c1f68f5b78a551fdccccecd6f25996421441317

          SHA512

          896509572d0a43bb3ab6e0d437dc09e50030dd3c9b5ac0a54805e7a9a30bbf15a66378bbd39378ba49f991bd93d0ff1cbd4eba64b0a1586331bad6862ca44b2a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c9d2f0a23e7a5a6b7bfee7b86f157767

          SHA1

          5b07187d63678c048b5498a731b5112a7c6eff2d

          SHA256

          49fc19e46b1b987448d0174dfafbc3478c3bc76cf026e7b58a329d407bfcc686

          SHA512

          971cd499c0dba7c363019950314b42d6d0f49960c73a010b6eebb05dab6333f89312c16f7f06c94cc325e5f1563eaf66d5d5c93e199f395c5dd0b87030cb9362

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0a6fbfa06bc6c353ab6d92e806c28600

          SHA1

          6bc20d8f49ccb879b4489e5854019a29f4669a86

          SHA256

          9fac720692c7a1b38b8e2545dd2c56658e491e5bfb6d53d736f57c6fd89bf30a

          SHA512

          aab94e38dcefecf40248bd5b79030190f065cb8e8d330897c23846225983a8c5e5f197d81f19a3bd27bf57742c32a3fcccd38a105fab404dcdf9fa9850ff833f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b58dd42e8546361e8793e89fa2d8a35c

          SHA1

          c2bbec2bb446729378ea150eb2ee600d89f3b0e7

          SHA256

          7fcf61c850ca3ebed7757930c158596c9a539b2a660cc7d76cecc7d90aa737ec

          SHA512

          efd7ec348f8dc7051a140e14397d107aaab2eefff0e7edb8d5db71fa9e308889e416917422e93e54caf18a6d721da3ef98329e1dd1eb7a20720282b06004390b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3032713abfe4976c2f16e83b83413423

          SHA1

          69d3e81f8b39f89133de2ee6e050fd3310eb9884

          SHA256

          7056b87448b747567aded7f6468576bf8a2e4b46d47b4d9df0d669a3c808e5ad

          SHA512

          ba214beee68e908ff790de44e42a07705cc8cb0dbf269e7ade65471246d0960c8fff9a6cbbb5f4e5bb486fc0b94dea0b28efbd926573461c15c28abc6c70745b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e950995a8e3f5a67ca299bfe7f322cdb

          SHA1

          ec13953d99790b1e6c519c8d61bc3fdc879f7680

          SHA256

          b1e2675964a1a220c8437b799291de95be67ba956a7c6de28b8da3e7b271c444

          SHA512

          368a8e3dd529e4abc412e422486c6d178d894ae06b57e08395965f2e3ffe18eeb698cd97938d50f2cb2756ea271a83a10424ccb1d6f5effcc7975e057d9d4eb4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c9b7f7c04e1e8fc706aaa2068ba32f95

          SHA1

          a0007b1550870c9a7f0c92470046a85f233b6e99

          SHA256

          792c6fe01d7f37fc6baf967e33dad16db33f7b6234d4eb3ca5dedcc482c5c289

          SHA512

          f76f501a55627a54c6bea6fd2b8d8a13ccb7d613b3a83a9ec86a82b35b21c180c569815aa024dd006713455b768f3ad5cb1a37a0e8153d90bf1627f467634690

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d703473a88e146ba3a1ac23157e4a7de

          SHA1

          2fe7bec96a522822701e22112c0b750ce986f37f

          SHA256

          bbd5f5b3eb00ef6afe4e70613c49b075b18c1f878c75091e0084ac7aa540fa3c

          SHA512

          7157531c7c9875a09881d7ee61e520f8c451882e0c49500b5a92fd366e471977d6ed1ebe34a69bed486c3772e2e6697d7aa2a498ccd4b7f794a573313d205aa2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b1d05bf7d84a565c83fc84e869496a7f

          SHA1

          dd5011eef7f805e9c52b4080a1ca257ef6c90b9b

          SHA256

          16aa88230daf168ebf2ef7cef9927866064a7995412f8294814b46bef964aec2

          SHA512

          4911d606503fc6b42d3833923c605e3b40f7d29d286fbe9b3821274cc2b9f30ea75f4aca29261e25c49f0adb05c0aa330b42625559c65a6097ff0bd48e0006b7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE4F3.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE5B4.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/1080-435-0x0000000000400000-0x000000000046E000-memory.dmp

          Filesize

          440KB

          Download

        • memory/1080-0-0x0000000000220000-0x0000000000221000-memory.dmp

          Filesize

          4KB

          Download