Overview

overview

7

Static

static

7

5a93c4b53a...18.exe

windows7-x64

7

5a93c4b53a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 05:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5a93c4b53a2d03186023d6382b4c450e_JaffaCakes118.exe

  • Size

    45KB

  • MD5

    5a93c4b53a2d03186023d6382b4c450e

  • SHA1

    2337f87f6c7fa9e50fa1fd3c344143075a58a904

  • SHA256

    aad665611acf30a81e396deb1bb887d1c8d79db84e89f9f7f98c6d30ba251399

  • SHA512

    0e9b286d7add8ca3e14bebd7cf7313119198f2ea34fe9d16d60e5ca65cf88ee8375f5671cdab285f8b5ed72ab81f536452acc665d15ba95e68ed149408c1429c

  • SSDEEP

    768:Qk/TVP3t4IQgXlBER/h5L9Jg10tFTf+PE0V/7he9m8p8OmPGzFydZnbcuyD7U:V/Tt3t4AgV9Jg10QV/l4m8BzcdZnouy8

Score
7/10
executionupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 46 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5a93c4b53a2d03186023d6382b4c450e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5a93c4b53a2d03186023d6382b4c450e_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:808
    • C:\Windows\SysWOW64\wscript.exe
      "C:\Windows\system32\wscript.exe" //B "C:\Users\Admin\AppData\Local\Temp\WBsVbPMmZ.js" "C:\Users\Admin\AppData\Local\Temp\5a93c4b53a2d03186023d6382b4c450e_JaffaCakes118.exe"
      2⤵
        PID:2368
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2944
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2840

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      3a7ad8eb261488aaa2a9457746a94c73

      SHA1

      e781745ed1a9f22c89dbf79c00c075c4554a782d

      SHA256

      c5855ab015ca2d4a47c1adcf91812e2f6419bbbeb893dd9f1cf5caefda1442c8

      SHA512

      1cb83f4311a95db82ca5b2131a9bc29c0e85f22b08667836a0dafe4dc359ee8dbf340219465b8bb9de84d472f2af39f6c6e7203cc65302e9dd52c3520097a6c9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      ceb0fdd6f67e39ba42385d64c0f226d6

      SHA1

      e7813301cc0cbe40be1ec2b967ddb2ebe1cc379d

      SHA256

      0e2da14bee35d56c99c4e252024c3c273bf7bd55f763bdcc8c20a1a611a642ef

      SHA512

      0161c97ef02044339e720203c6c80ca2818df7d3cce4e33718dab864548c94c7d67c5771b5ac93e817cf65c9d3dc7958fbfa17c8dc324c0ddca87f693da8db92

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      eedd06007777ca9b26d3c822206342f8

      SHA1

      8c476cbc782f3a59557df94567546097ac0d84c1

      SHA256

      32c105c3a62c2833ebeb443eccd5e962d382ccd26317fa3077af817fad937a90

      SHA512

      4cc48678293c9118549f583b4374fb61cdcde3bc76eee7c12f51758f78ede140b5054035d052e4d99a3d5b813a4342a5c3c3eecd99df600c84546bc02a7c0009

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      3deb575d380c581aee93f8559037ecfc

      SHA1

      25decbe1e012220740c76438d05f3064da6655aa

      SHA256

      bea27634505cb24cd33f8bd38b9510c76a04956fd4c73767d629029f1d271c6c

      SHA512

      195bdd57a271616d814764d4d3ce31d3c03b7fb66613140f4064f6fcd88dc59c2f74c7840af3a4eebc9597e50d640adb778256690ae5c963555e2231e6f297ef

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      05b8a5de3d3fa32e26f5a2107810564c

      SHA1

      8d51088ef2bc1e49450c072b98ae1cf7a9f29c1c

      SHA256

      99506a5353e88d516cff3a660717ef4a72f8d07210d86426e612af6b61af13d7

      SHA512

      8996a2e37fa83c65060374ff911641849b513c1263da256ec1bdd34a4efe013a8d15efe18403d02fcd7e21210650cddec9a277d0041ed41c857f67a32e7793fe

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      10b14d4efdb594cb785bd9f5c517e3ca

      SHA1

      36aa3360e07cd92ab84549fbd8cc97cb8c1c083c

      SHA256

      4866f43da3d14e8cec79645883480876f0bbc477c89a944930b36779c22d38d4

      SHA512

      b45edff9b16cbddb12d07fe22335aace302f829ad2e871bb1af11304072688ab73aed4c0ceb4987205b4e4c5b9f6967a5303b70da74b9233848d0e5dabbf274c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b88ab549a370510954e2db6fe3c39a85

      SHA1

      f39ab7452acf04695d57b39a772908c5135945f1

      SHA256

      65e26ad39bb430e1adae8f0f127f17c1a5076b3d9a6573883775ee721a1232c3

      SHA512

      2dff0b481c5dd0b7fe4c6960ef3e532d0425be0f746d5f9da3f8a60c5c89bf31f7e40dcad1202f8603f59928fc1582219d0381c3c738f5945507538808745acd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      6ef40e09cf6d12e198817a64dc55448a

      SHA1

      c11f51fade13f55925a06bb3534e8e266b537a39

      SHA256

      111a5dac55630f9ce1d561c2b120675187b9b4c303da20115579ff95e9037188

      SHA512

      8b19eef796bbe454715f3bcb93c8dd5ad04329059b764b87838b81637db97dc2bac5988fc1f1262ab86f58904803c47cab57d41799758f719bd89cc89658f7ef

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1c3ecadbc4a04b3776abca2a332a7b37

      SHA1

      3927c6f82e8ba8a7229d8cb70c5e411f64eb4419

      SHA256

      f9f5116cfeea7b6936041e5c1ea78a36f64fe606b3b62db0ba43363926d31027

      SHA512

      148d586f3f0a128ae4d818031544dd3a112d0a392cfa44925fb15e1a31e97bf3f6620bf415664d11e2d0070556965351da5bc72a4e11b678740c571c42328036

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      98f3193a0edc30b4b67e8d931377f318

      SHA1

      807e6fde3c92260ea97c9012fe662e4323cbee2f

      SHA256

      f29a89e27354d4afb09da04b0dd863e508b03d425a97bc00e2d7a00e89d392d9

      SHA512

      b15f0f67a19c65691d8ffbe69d6dc6e0a943522d1ca49a40dfb5ffc627ac6de7802a000d2593828d57c0c52eb4e06a1989df8cc47b888a224bb85716b4deccbe

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b4904560117d15cccf1140c7f7bc19cc

      SHA1

      2a931dac263bcbd8f31c7c84d5de0faba0083d00

      SHA256

      fce82d32c4260bf1246ff0931bea2ca13882abefca2a7dd9dbf3c38c2c689574

      SHA512

      6fc321adf312407c64739d1473af099cf5535dae2ecffaf1183097096e4f288680d75e6e04eb5f20d6ac52622b7391c0e6ff7089a12325d0e5a977721ad69ecb

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c148adfb642038d1acbde4798e759b63

      SHA1

      cefd4804bc1835052db28c6f4d3598aa6966c622

      SHA256

      577c6d56bb8bb028710ff80ae172592861eaa6d2f384403821d556cfa52cea3c

      SHA512

      e6c94d77e99c3d7f4d37f073ed6c1f5b65554a6ead4295300fad63e852ecdb9668ff72a897c2fccbaba233e38e2d06fafdc187286e1ac9c1c2bf1f460bfef780

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      cb15d4ac57e7260519d90bbd9ad0d4a9

      SHA1

      8a868db8d732609420ba5bf3ffb2bc8af4a2f8d1

      SHA256

      36eb6e598c7120f076df8c4ecd913e2ff947ab3b60ff192d601287ba076edf49

      SHA512

      8b023f4b40245e84b8883bb96e425ad3a37667a74d38dc967f62da48662b7dbbd54f43dcb8fdb9fe40180f59a61cb9c1a2b03e8285910a7109d71cfbe4154d83

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b6ef33cde8e593ef9fa4505724605174

      SHA1

      d6d5ccb6c39cb7b3a81846d849c37165704f1787

      SHA256

      2b01affb16dd27b46955aab548bcc465d2153417f6edcd62b501f787583a0e2a

      SHA512

      d2a77b711ce340a01aef8463a7dfd8e8c86d2e2ddfb1f613372c1ae014c822ec77b40cce3333f430476ec906511e61659bbd2c6fd19c3c69e67941a4bc81ad0e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      105f986571930272cf451275bea098a0

      SHA1

      d31e18ae009ecfda77597b8a8fc8ce057f790a76

      SHA256

      5e8d7d73d890ba823465e48f79f3ee8311ae4a7e065773ae3d95af463a83dd80

      SHA512

      11349e15c55a7e45216899f3e891fc54f487f467e44d2767ef71df84ffc03b9d5a8a6e3eecf4b37c456f439659f0e12f1117f785259810978325e294d0ae8802

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      248298056a16cd8e97116f8c75d29524

      SHA1

      0591dd61326bc0cda363a7e9b25026ff371dc449

      SHA256

      993ad1d19c2b95e216855ca6f77d61815eb3b36d5de1a06e8d08ea53e250d61b

      SHA512

      b58d725aa33db784ed90091c4f31ee3800ee7be9054abbfcfbe6a3adeedc50b1e42a53dd0e2bb498193dad6d4b96804a638cb3266888dd1555fd21afafd7397a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      59b9d66d8d2a57536caafeea8ddff6d3

      SHA1

      a898bdb46a53bf1a80a0f8fd78461292d6515927

      SHA256

      d1c4afe82f4a6d5ea8ff77d2c22f20a317638b46d09431fed7484f3e207a18fe

      SHA512

      4ce81ab3b282386a8b5a5516801bc814eb8b314d7840cc89957c7eecca9ec4aafdb5e22482e6827140414ad50796de49f08543d1e0e92f331690277d5703bf24

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      ab44d69e52cadb5b8236cfd60a1ec807

      SHA1

      ecd6ad5fc69833fdd647e613789c03b7fc641e6b

      SHA256

      5939a4da942c8d3c2ac7b6f49123cc70ade64f162357ad3ad63f2814e05297f0

      SHA512

      333e805f0f74da464e98e8def74667a8d7db39928c33c53ced3a90ca143b97c8ff306742f8b93a62d0861a584f18f8a5d0d2a5754524a1f5e9bbed55da7dea1f

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHDSWW5V\favicon[1].htm
      Filesize

      291B

      MD5

      b73189024a094989653a1002fb6a790b

      SHA1

      0c44f096cd1fec253c1fe2fcfcd3c58fe05c402d

      SHA256

      014c471c07b2bc1b90cf5b46eb8eb60abe3ac278e43cd8fcc7c4e6c8950c592d

      SHA512

      1bca726835d33847812060c968e5306535f513429de5c90d66942155fd42ff75508dba97da8ca36c6d6e6a8df5a2602fe3be047bb5612ad4e367c6c00e1e50a3

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabF25B.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarF387.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\WBsVbPMmZ.js
      Filesize

      14KB

      MD5

      90db9736aaffd14a5fec24020993e2cb

      SHA1

      88ddff85b566c56ea6c497d8bb0e17c10d549aa2

      SHA256

      b0fea0cc54d32e42279f5d481217a36e714c63eee9d09241757a99e8c3cf0e36

      SHA512

      3782e8c693060c726fcbbfc621b092bc1782e294cc2b104f4228bb2c976846fe0ae3aaab5a7f72be14b48df34d766ad03c0d49f1343001bf44d43febd06fdca6

      Download Submit

    • memory/808-0-0x0000000000010000-0x000000000003A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/808-73-0x0000000000010000-0x000000000003A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/808-36-0x0000000000010000-0x000000000003A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2368-54-0x0000000001F90000-0x0000000001F92000-memory.dmp

      Filesize

      8KB

      Download