Overview

overview

7

Static

static

7

5e6f95569e...18.exe

windows7-x64

7

5e6f95569e...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2024, 01:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5e6f95569ee410de2682299047c68e64_JaffaCakes118.exe

  • Size

    25KB

  • MD5

    5e6f95569ee410de2682299047c68e64

  • SHA1

    49cd50e2fe19fbbdea98380643e583a69837b827

  • SHA256

    56f4b171c24aaa153f03581f7435727d5d6aa413be0b7c072a0037f853baafbf

  • SHA512

    096a387deae37f56ec2b626c7b4abcfd4a326be6422c1f72295a5b3379d7054ae95d37b374d7f3ecd8a4ad4344ecf66f14acc650d0dd0c301b449f0c7c6e513a

  • SSDEEP

    384:9AhlgI/HULp3PVUoWkq1mFtO4tKb0ObkdX8rj3Ha2AjgZ0f6KNRy3fdCl:9AHAp9UlkqOO48P4X8n62AjcKN08

Score
7/10
executionupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 46 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5e6f95569ee410de2682299047c68e64_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5e6f95569ee410de2682299047c68e64_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2940
    • C:\Windows\SysWOW64\wscript.exe
      "C:\Windows\system32\wscript.exe" //B "C:\Users\Admin\AppData\Local\Temp\CvwRMUay.js" "C:\Users\Admin\AppData\Local\Temp\5e6f95569ee410de2682299047c68e64_JaffaCakes118.exe"
      2⤵
        PID:2452
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1928
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2764

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9f7f1c6241b15edd4d3dbc6b95cf0614

      SHA1

      f9c5db1aaa8f92bef065a1f15a1a8ca58a95f114

      SHA256

      478d31b5ca25711011d73950a28e0dcd20f9923263728f857544fd95aebd5f14

      SHA512

      c5f06475126a1c76f9565a8464948c8994e48c03beccc799c92ae9e2f96d405a9ea46934d9c2bdc6cafcfdba7c86452c714395943ffd8371f0208c103686066c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f617dd0b61a6afcdaede606de874b60b

      SHA1

      f1d8309c8f3756d519493a9c887fdffa8f43524e

      SHA256

      f45671ed0e398f68687ebfbf9795dd169f9b849706d3d9acee54f88d0a9bc4fc

      SHA512

      3833549ed04417234c6ae9fd6c0cb48e1a11310a6dde6c70d194b9d5a5624004e3ddb40f52285f183813dfb905b3ab8b3b42da21ad0c38c188af951578f1eeab

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7427fea694ec8e06d9c58f83975a6796

      SHA1

      82354c41a3847aefa505a632446787e3615ec785

      SHA256

      a5f7defd35a1e2b2d3fa9e31eec53f8c1d21dce34eefa1350da8ed8b240029a1

      SHA512

      1441eda56cd966efce2dc5901950c1b8b10070191f0671de7394b3167b7c944d9dc76b3fc73e86367133ae99fa8845576eb49abcf86bb4a1b8d1ad176de4c470

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      aece3c98738d90575ecd21ed7e88be88

      SHA1

      792ca1f7a7ed617d0ca6f0cece0263825b90f3a4

      SHA256

      304a76883f44d7593a14cfab721de844675725303a4cd2e4cfde3adccf2844dd

      SHA512

      6287f4ce0b8f08aba8e777a1eeda32fc5022a480a655284e2d1c34bbf11ca539beb584f831c86780a0f78325b4f452f9d262bebe1e150c0eaf16f1db2026ee2b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f5ca77e597c7a986235e1aafcf50f7d0

      SHA1

      66580a07d673ce2aebba8ef522f5f1219b97d119

      SHA256

      7ab82f3f43ed9e38344987e405d6a5d8ec0276bc947800bbb520050d11dac1e2

      SHA512

      ef33f8ec8ddf44d7d090b59dc0b9e7c1c8c8c3de2dafb9462f1fb7f13ea0c178d282de65d182a2a962bf8c25c9292364c4aa82fe1aac52e79d812f5dea58efc8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9161dca34d3855126c3d7a76755fbe7e

      SHA1

      477572935061319eb4b0053d3dc07d7522467f8f

      SHA256

      13f13c3da193644c57b2b986607672f4397f2308a1cd531888376a2540aa80e4

      SHA512

      164d5785d2f4ccbd85c10197fb3b3ef083c1f7b082f3f059f0af86a19f65703d0104f09fbd2da3152f739218166014804ab35212551d4ce71c6eaacee30d5361

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f9dbda23101ca8e350ace38d17dde9f6

      SHA1

      a0658e95ec22eb31d5889645469a759dfff5d29c

      SHA256

      f128bb55b57878b9abe79944997cea44cccf7957bc65597dcc2c173b00e6d8ba

      SHA512

      e769926bd601054e5ab5584340521533f2ceffcbac5bcfbaa88104dfdf4b357decc643d0975d40f9e950249b28fbd2e77a7a6e243b1ea1ae59b07aac3d2dd48f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      8c1612bf9eabf4c031651f9b33c8d75e

      SHA1

      c2cfad4eb5c72a2d8a7f35255f7696fafd6470f5

      SHA256

      7d5970282701aba43eac6f9ee4ef91641fd6bb69eb589cd8916f6db73b693041

      SHA512

      a4172019267537222b760ac8f4e2d9391b5310db876601592e11066e64767f50c2e6c5bc5116630a07c7870380bcf02f536f35a73af8b24d1fd0a89ce28a4113

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      3b83ad60b3900d13285b82412a25897b

      SHA1

      5d7ef2799d196210229e84692c24e66d862664f7

      SHA256

      c4156961f881efb6c24115188585faff76f93c279f272131912a1e6a09231551

      SHA512

      dffc3f18b21495ee60fcd0d6eae608076a278cc4c020f34150ed9ba635183f682fe1b50e7fcd13f12f31bc86b27def050a6309bd4ea20066ac20789a147c7ff4

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      178ba0342d19b9b17abe86bf288129cc

      SHA1

      7ca2cf303f7e3c9a83d0b5a62d69727b2d07764d

      SHA256

      b4bf2667464e3ce25b72d9f775744f6af851f1c78983e390e50c4c51b57cd4bc

      SHA512

      3ef5a2e83a9eb4c233a8f79877d6a28953c4757c0329cb9b65537fc8b058239772d88e342eb0e0d2ec579897627087c42fe11bde1e26c449c2d429fbbf5037a7

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      cd9ec471ed8e60c6af2e5aa5bb61e88a

      SHA1

      e03b88377a1a08ffc140c5a16493ed8139e69232

      SHA256

      5d38266f1c032f58d53d1c2a0072e37a3e068eda78c4da5a88e83a36e5544a1c

      SHA512

      fc9a2f3350d523040931cc5f38d5a611c78325f442e986cf0d22bdf3938f0743ba11a33f0bec4f24e1da1c474ae256feb05a8465411947661f65b8d85ab75177

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      615af864480958f69f1e05884225546c

      SHA1

      d41b7be9f631530fed95374c62fa8dca03fe0f2b

      SHA256

      3327e494e0fb5c215359a20ff6df42498d8b7095dfcd865de660145be6860b38

      SHA512

      6aa81b0c82958c42733aaa15f73b728c28faee0c9a39ad063d86ee7a4aaab207e5fc539356b7ed7025c0d7d6c6c7527e78a3e9aaccb9357f942727185a0698e6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b2c461e2b9c82b6b517dd79e27ba7342

      SHA1

      8ad6c2b02bb2b977b615956a3218de00c1735fa1

      SHA256

      eefb8b983436dce39783f4fd3ad9a26c767a347e5526de0607121df287478b94

      SHA512

      c99cd04efd3a4fe2e61ac465237b2166ec47f36ae9a3f7863a3cf707684765977d85e669b9e767bc82665ff6947802636c74671bdc4e7241bc83de163b216db6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      e824d4f6914a2bea661a2d6978f09eeb

      SHA1

      7f2af74174d72269d69078f410fa9422b09b1ab1

      SHA256

      39a5ff60a1e51b95bd41645677fa12e12bdff92bfa2e3799012dadc4257d9379

      SHA512

      b8482e6de1b31087849b4a1984194e858bbda51868c2677a01b4b910af771548392cf3b0bcd534b32d0c0068b1f3b3309011950eed7f537dc51a490c5f5825d5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      233ab5ee15474bee0090314bec5de581

      SHA1

      ce0063f94e34f373f0236da2cef24bcba9632562

      SHA256

      6c5b00b9abc408d864cb665c00393f80da92d7d079f3ef71cb65a41345557b8c

      SHA512

      0787f499637536256a41dac9aaefd7e347460a8352dc8b6a32603a5d1f41e1b7af08af3fbb23a8c4465f146e38481112d124c2ba328a74a26e65a36abb5720c2

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      261d17614115fce48a24a6a1166d169b

      SHA1

      1ec15e20a56ef28b65196bde49eb55a6090cb7e8

      SHA256

      c6baf8d9c3320c62f78fd12e1099addb428d0a8634b6f4fbc389c4015d9c872b

      SHA512

      8c72694c675ae19943fb6835082bff1bfc4f6d52451cccf40292bdd34c93ac4f90daae70846fd175281ab6c9a21f21d5470c259a3da603258e21e7d7de306eef

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      17fbd531e9601f6012e414754f69f076

      SHA1

      88035ce366cdf3837d7836dc51eaef9613b2b721

      SHA256

      1a43df166ab6696324cd2098215893b8ba5da43a952cb36ecaf6c69d38c252a7

      SHA512

      5bdee67b11a53add02470959cfd572a0ad28a6972cdc11f1b655c59e7fa49bbd4a8effc5d627c37f43f2fe7ac3bbbda64c1174348031106b84dcd1601b2adb87

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      ddb8eb99da938d6c798a722795d92b84

      SHA1

      cdcbb1e03faef8e7bbb90a52176e085dc5712471

      SHA256

      9374566b60edf8f2e7d74d67e19de9c48713a06220de902b9045bd4c9e7a6838

      SHA512

      4357c6d6a44aafa577ec1175b937c0b53a6659cf061d6f04d4993ca5468ff6f51f44d3316d2310e5047b50edfbc8b77e93ae1e9d19ad98f3d61e2719577d3024

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      adee2ba21c0d5cdece70de92ef95e62c

      SHA1

      7d163a954a54461ee91b27ef3955c669499c6fe4

      SHA256

      57d2b9fdad8f4ffd2b250f7f6a76592d8e1824078358b9f682d9d67b8bb32f89

      SHA512

      9aea3a7ead6e57eca806aa38fe5c8623bb1e38ad39bdb8f909d886032a4410b2f9cf25dc5ceda73ebb6d329306351b73693dc77e0ecc30a8e56ff5d512190219

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLOK2QLQ\favicon[1].htm
      Filesize

      291B

      MD5

      b73189024a094989653a1002fb6a790b

      SHA1

      0c44f096cd1fec253c1fe2fcfcd3c58fe05c402d

      SHA256

      014c471c07b2bc1b90cf5b46eb8eb60abe3ac278e43cd8fcc7c4e6c8950c592d

      SHA512

      1bca726835d33847812060c968e5306535f513429de5c90d66942155fd42ff75508dba97da8ca36c6d6e6a8df5a2602fe3be047bb5612ad4e367c6c00e1e50a3

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab76B7.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CvwRMUay.js
      Filesize

      13KB

      MD5

      e497f9ce9725246d12b9e44a09ba8191

      SHA1

      cbae74c50f5ce8d382dc977d328e0b8e0d59c416

      SHA256

      c321c1768be6334e5f5a4491686aeb64c4f3b4af4936e98d12837f97e9e17ac5

      SHA512

      5032c86ea689575ec2721710b3c2afb0426d6920d53fdf9cc8a6522667161679e26a835667194c8567df00128d2835dc08224739c04003d027098953d68ba8ad

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar76C9.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit

    • memory/2452-53-0x0000000000280000-0x0000000000282000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2940-1-0x0000000000010000-0x0000000000027000-memory.dmp

      Filesize

      92KB

      Download

    • memory/2940-3-0x0000000000010000-0x0000000000027000-memory.dmp

      Filesize

      92KB

      Download

    • memory/2940-4-0x0000000000010000-0x0000000000027000-memory.dmp

      Filesize

      92KB

      Download