Overview

overview

3

Static

static

3

6f67e0016c...18.exe

windows7-x64

3

6f67e0016c...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25-07-2024 11:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe

  • Size

    704KB

  • MD5

    6f67e0016cc592fbc2bc35129433f320

  • SHA1

    283db84a80ca8fde448d74daad59fea827f43acd

  • SHA256

    c27646936f519338b5b796aedc458dab1333515f107ce00dcdc7edf392830bb3

  • SHA512

    7ca2bf3481b31f32c916403682945f9bf3319c3342acae0c1077c1a9de7daa86f9bb104443f9466da8a0299e96c7b1c04b485219a0d43b7919134a384b656f96

  • SSDEEP

    12288:ImhcfmetsELrGbIoE+itJPEbvrgqhVpMsSuyroPXJxxUYFEYP47MoFkvrPT+Ueen:ImhOGbXE+8BEbvrXSDroPXJxiYFjSkvd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2968
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2292

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cce0908aa6158596dd6fff6b2b30a45

    SHA1

    6f832118f02916ff95056137a11f5eebd54d94ac

    SHA256

    c598c5e1ddc297d0c2ced08aafbaec598e462fdd9af8cd2d8cf254130485c827

    SHA512

    a3d11a8a536d2a14e7eaa984e21d5fc6323b58f09e73425a8669faf8913a83ec40a0b473f106f5c840e7de9a76cfd45f386729ad507ee337064963f83addef0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3513f449d029c76e55bd416877c83e99

    SHA1

    ec919c01f5a5148dbe7ba16123672ba0d7e29577

    SHA256

    6333888b70690e54503762ed8bd349bddc9788ba042c9024364a7045bdcea883

    SHA512

    7eb11d47e10e4d0c9a8ceb59650d8f7fb20a9a2862246b6b822d6c1b8c7bc052aff16e5ac1d597911e1b2cf9c3d20eda7cbbfad647bd2524c1e2a1223a67d8c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1acb3201122a2fa8c1031d7f21642c25

    SHA1

    3e874923a7981bbec13bd2ae21b0731ca92ab9eb

    SHA256

    9006ddf3a133e80973f7ed0fa04cc7570343fe02d7a6f6c41937c28548dd72eb

    SHA512

    ea6183b3a1cda1ef58460995dd47fdba7bb1244a66b8f1e33f56bb79e5ceaeb5c5db5b348f530d0b8a816f1e49d41e774bc13b703caddd476530c67b90a6398c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07fb0243947d70f01fa32d0fd9a2457c

    SHA1

    5c5b20991b4c581f3453049f515c96f8ca07da76

    SHA256

    2b6b1375da722ae2b361d1a8c799e8825376054db64498766bf59327bb86d715

    SHA512

    822ffa22ca3816a5b79c4a1f15683966cf97561fe886d9667f5d3b85c73fa4f2be7385af7287159e699aab94589b0fed7a3c951de0b9df709c947ffb436ab5a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ee445175991fc749b56ad4bbddeccd9

    SHA1

    73f527437a14d540915eea75f694063761e22557

    SHA256

    f1765672ba8ca105d8a8f08a796e8724eec52eeb4c27c2e73af3ca6f868f2398

    SHA512

    91537a82adae685c9ef2eb3ab6b1399a84d5f00c58ccc225986ec122c119613a3f41721fafa805dacc387097e28bc1ecc85b050d2159266b1594f3d334411e07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79f5dc2361eea331d24b2ef81ff51cfa

    SHA1

    d132a1a1dc6b53b4c0c80c78327e0adf171f1667

    SHA256

    2a51a1c83545e72c2eb98672955b4d6f1dfb14544be7baa682bb259450b02e84

    SHA512

    d59732a97e1f36e412381e718a7c96d18ef2ce76287c21dd1c7efd1a7a92043f6ee72fe881feb0774881fd65a48dab046bb2af6298fe771b9edb4fb374e9d02b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68106a5ba4cdc580aff6ac4d3ec51a83

    SHA1

    e4c9536ff24e3bd5d3f3e9abdbf3ab6d2201f89c

    SHA256

    8cb2f3fa1b81d57734ebf4db347261ee613d21b29e4e33497fd28852e70a34ce

    SHA512

    c51b2befe9901c0386c5fba4882a3c98649ee03804bc7539373fd3290353093f964b264e817f406ef32cc8efcf6d863a136d8dba8fecabefe11c69e16b6d9e55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1290b669fb1cf8678af70e44ecaa8557

    SHA1

    21bb8b98c9bb7e871fe433f19b554703214571fb

    SHA256

    34fe36a7096b735217a30a76c2144320f9a82e498305613715b1660bac401817

    SHA512

    7dc22a4fa773f14962e789b0de3354d4eed3bf90df0d411cd6f338dfef4e32ab4edffeb82848473eca8eb365dd12acfee6916c7e4df2bedbc14827c30ff1f833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be2b2230e5ea16202441f8e07cc604a5

    SHA1

    a668a0dc64df9155d65c058e0635c2e54ceaeeec

    SHA256

    7c4a211480eb4dfae18e749a741833dc5dd92abe0ca8349a3c5a0c1affaecca3

    SHA512

    765a1debafee852b990fd7c2ca4f0c9ab2d267b3162a1111e1bee6e1d39be1445c4fbab5f433b001f01e903576d787c89e88fc39680817d977e0f6b4207420de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    256e8a18e048097e398aebe3d20ac03f

    SHA1

    c354f61aabef8e7140e912fa4bec82752a4e3acc

    SHA256

    cab60a13f21ef7145b0654e94c6f756ac061e3cbf8e400580ffdafc388e3a885

    SHA512

    955b144ceee5f56e2b56becdb884c2398177dc6ca7dd7f8c9fb744040831e523ae914943b9bd5e45ed561ea0212494201ec72c09aaf1dbfb8c86924abd49f305

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74ffa2753f0cd07b4304e122d2fca5f0

    SHA1

    b446ba3b7a4b9a50be4d47a845c388f4419f7906

    SHA256

    a99249951a426c1759a2b50c24d9d2acdd22c93dace6468d5edca9bbc618ab55

    SHA512

    806ce689709bc8a4112ec823851b082e16f95c33bb0ae901ab7c0eaf99b1bc9d28386345e1be48e97e0f7d2afb6b127e5f37d04f7ee1cc6b5c442d3df34069a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    488ce3043cb16a1a6724aabc1923b8a8

    SHA1

    188277dacf29f115478c0615b6c395b0ff8c8765

    SHA256

    b509c956e58a7a22f3779cb38b64b13adbb4b7e39afec588775259c6096cd601

    SHA512

    c0af9e9c843e3d05725c5ff2f2772c08215393964b21fc6596b1e4c2c2da6e50d00f2ebd66d342f38ceec3de790a3317b78a26fcc29563d6bc7d2f7b5698a6b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ba557bf5c730117fe55ec6dbe20388f

    SHA1

    70a53b31da3b5a172d2058d0dacf26fbc26be27f

    SHA256

    68358013443e73360cdeb4e234a2f89ecdaac5766d8cf5c35bbd058ff66c04cb

    SHA512

    eea082cf2875e851851e398961f0b671286e3858b62e9e062838de09ae964872db8c6d46df7d6fb5a4141e598aca7047f3662b17292830b113998ac2834f924b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e656315af71ffc09d67faeca6b3510cf

    SHA1

    a357e9cbe848437cd1d760502b27f5234719c023

    SHA256

    71d216963128776db398eaeac4882205630d4e8cd48eaaa95d5181651189aa6a

    SHA512

    53c070e88a1d5a3bcd52154da86b282d4d1d2bc94a075d66a9c59e3964e5d0ec86aa7cb955e6ef954866efba78f5c438d1cddb58447c5b3e52e3b9b0ef406fcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    534604549c39795191fa1d73fb6df57c

    SHA1

    1df29188d193c152c8fe3a39377cebdd35e86bd5

    SHA256

    bdc5958d352839f0a56b60ec588ed2135ad415981ffdac80bbe3b74713fabdcc

    SHA512

    86b2cf1b173f0f29424ac342fe12c534a818db3b3e7f62b0923781a65a186ec1e6b935bb41f816ad8dcd86dfcfe1a4c6d5e27a3ab7964f73623311ab6312de38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ada7e6b3a0ee0a33b74ccf896268dd5f

    SHA1

    40786c0e55cc1b6143b5100cd79ae66cd470b910

    SHA256

    4ffae8db6377bdc0bed427a784f5e70ab385fd132800a4367a9c6023fb60689c

    SHA512

    bead33359287555cbc9e978a245991233975682e6c5837f2f829f3873781aa04c913dc937449d618cc17e2756d7791dc3b4f0fc56e51a16b554ac74cc9693975

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71bf86b333b04c0c14dbdf310885f2fd

    SHA1

    707d9294c8d414bb0da789ca7b336ba944f77b9c

    SHA256

    e2312aa8bbcc2b27d3070a5684b65b1836449beb8522c766a87b5304a2f86cd6

    SHA512

    b5e1fd2eb6ef3dddfb7b9e1c48c160fc118ac1f20288362cd7a7f6db68cc8e1a31986fb20fd590c1b3650e2ac4a839b0431080aa31a153fca9fce6467968ef13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    811376175d13965c047eeff668552853

    SHA1

    071f290fa7ac3c5ddc6997e1a8b7d4d5d71e2989

    SHA256

    23fb19ab832d09bc6d2796331812ca311425431941f8e257d310aa0f6714c5b1

    SHA512

    5dd67991ecaaf9bb398f42960b9b3543625d8510412d0476669c4fb21c8466658d6d15b74817937976b451bc5110abe4a72a56ba26f6e60e3a61155ae4d659a4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD7CC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD87A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2968-1-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-19-0x0000000000400000-0x0000000000810000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/2968-14-0x00000000003E0000-0x00000000003E2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2968-13-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-448-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-12-0x0000000000400000-0x0000000000810000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/2968-0-0x0000000000400000-0x0000000000810000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/2968-6-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-2-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-3-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-4-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-5-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-7-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-9-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2968-8-0x000000007EF50000-0x000000007EFAC000-memory.dmp

    Filesize

    368KB

    Download