Overview

overview

3

Static

static

3

8e625ac043...18.exe

windows7-x64

3

8e625ac043...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/08/2024, 10:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8e625ac043aac99d18be960872b83961_JaffaCakes118.exe

  • Size

    15KB

  • MD5

    8e625ac043aac99d18be960872b83961

  • SHA1

    bf23a734b0cfe28f58401cc98be56dd26d10d073

  • SHA256

    988d93ff33051f2230045001b60e12c4e024fab7ff1c54ecaf576106d2027484

  • SHA512

    d683304b005331092074dfb5386d826a6d33c7282bf3337b39091bf08300bfb67a60eb8d05786f206a67e3cc5d602ad6046da0f4262d15f5a5ddab0176ac283e

  • SSDEEP

    192:nSs61A/0LiwxqfKD6Vk/gqWhiQ7Sh92sGNl+vHthQjcWpKrgkx:Rx0iwxqsRQmh92tl+fthAzArX

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8e625ac043aac99d18be960872b83961_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\8e625ac043aac99d18be960872b83961_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://get.live.com/mail/options
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3008
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93acec755d6e6d2b6a8586468468a794

    SHA1

    1d24f9d105e655e1c6e42db4716a0f18ca7225e1

    SHA256

    2a9995e2a974886007b8671758ffcfe719f034f7edede91df70fead0587fce6e

    SHA512

    5e67fcd83b9f3d7bef7e8468e14d0182a329b3653675a1978c89ca5c022c28c441a695ed6997ab19fd3b38f348467f8c11eb4359939245d66335db415cbfb089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63739aaead1993a0cc6404a30a95675a

    SHA1

    2cb96303c73d7af8b430fac86a291b3561a9c603

    SHA256

    929ee3708644b22a74b2c6d6491006ebe41a018b0a027f3480b4ee5c1dbecffd

    SHA512

    e1acbc310f082fc5501f908a740c2a6fcdbe1621ed0ca1f6ed208be90ed53ba47327e537576bad0d99a8b76cb78feee32a0ff062837ffbd8600fa7e8e276e83a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e181275bcf1ae030267ff53e6c854624

    SHA1

    7384e3d8368aa256c30f874c0d4a1e297e02b584

    SHA256

    69b496503ef6cd43f52cc6aeb958e66be69cab7e4a5851d35c4c1c0c4c844df0

    SHA512

    70bf422464ca8ec8472d6e005b7487bc6e25ecb815efb09c020025d3f40744668169ad824bc2572d097d48e0cba3eb69f8e4e49089c9d58d3fd3d84b5d8de2e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f404b9181b6f17a08dec114f66f390f

    SHA1

    2d7264a1bec94701d02a9b569002a08787553b54

    SHA256

    1b65026cd891c4eed82c028430ca9a06c91ceb3bb2df8ce409191d2ee2f6f3ba

    SHA512

    848877cae851ad35c371bd05eb1f556f43e6a018e8684be76ef1fe0cc2982f9b8756d960cbdceb31a384bbca22123c946dae014d353aac78dfdc91585f355012

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afc0594d2df10eb5caf05595fe6c769c

    SHA1

    8f42b45ee0cc1d4287c8f29af10ed20ed6d56212

    SHA256

    f7a6a7a63d68da32c01027402b58af03a53341ef22c682ef5a9f1d1f37969694

    SHA512

    f2478e4483afa9ac54009df05da623052b1903555251b093e0108551acc4a3e90ae27fe65c819076ecab322b42da1f5b8d3f85659991f4226b308a60b715dc0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d427bc5c582f33a42c692304f9040378

    SHA1

    5d5e39376daf1ad987e7a07fb691e2d3f4508b29

    SHA256

    da6cbabd52904b0970ecf0957bddf6619eecec44d493dab84188a823b1b6b27e

    SHA512

    abdc9f0f0c5720a1c40684e7801293bb8ecc116d5544928509b8e88176bf1154a06267723731c05189e1b1cb72aaee081487fcaab133d2948ccbce66966024aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92a1fc8ec2fb891470e6de1384120312

    SHA1

    fa5f3d347e6c037ad9fce3519b24bcb5e9ca92e7

    SHA256

    9aa40925485cbd66331dd602e24d78e7e088c3087c517392bbd9926467503612

    SHA512

    4174ace93c58555f50ae99e95622576b14cf6014c407e7123db54663bb767c65af00ee0019b64c686de08fe43ea0ca6aa6015f17f9ee050789aa699e8a49ae1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebb11b0a79e3cbaeeaa30b4118358fbe

    SHA1

    bc20a054f6215222fbd7be3b1dd6a8abf31c8fb7

    SHA256

    fd4903a42dd4864244653d2b556aaa6b7cf0142067bd0f4a481be3761a5e334c

    SHA512

    e20410ab80dd246df4076cb7ae0d9b925c4fff150f728400b6a927618b1736e369d970dc5ca4aec58208d7709a61f325e0f15beb6a082516e05ef631b13bde22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd303c4fcf7c0db3c2d5e3319e683728

    SHA1

    a0718b0a19d72a2925e09c8e8a2f3f2cf9c8392e

    SHA256

    059ce37120a119483a1f516858b14ced78c13f3f4f6f3a027de26547a2ad112f

    SHA512

    2ef139999dde2c50ceae68fe1a219d3bf93357d0c7ffdaa44d73176a53aabf514f580662c6cde9c1a3493543f6bd0cd0acd73764b9d841263107221a4b710a30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    297e5920e5a0eaf7a15fbecff6dc6edd

    SHA1

    5bd4b6792e4a2736ba7d8e438e64e9d9daf6e70f

    SHA256

    fb11206175e352b3bf74a642a16e18471988e24f21710fa90086f45bdb63ed24

    SHA512

    a184995490e6b88550e5a258c2f69628acdffcff5df6bf2d22a89f016103901eab01d05840a8e5abe91f04faa41bdeb0a78bb58d056cec279314f685e936321e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae240d313071fe6a88a833c2cf5614e0

    SHA1

    d66017102e235ab0990b23af68f1f31ddac1bd07

    SHA256

    36b643147f06590dec6e872cc877aade82d44b4f2fbd246bc657042177b77ee5

    SHA512

    0c6ccdfc8b7a1eaea21893fcc5ead40cd819b4bae9b92840c9ef2b24158ea230e171884bcb122b8c3a190f75658eaed00007a9e4b47bb30c0134f65cf19c8509

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72d59e01b18b2fd356e758bd27045764

    SHA1

    413e53af521ed7d7320ad6313f53348cd08f0f19

    SHA256

    8c27f923817f9385db83fdfbe2e077e303f316f7279b519d196f1eeb697ace12

    SHA512

    9caca45575b9b3daa659ec5eaf2374265a17cb5fe5672b92d05480df2d76a9ebfdf149d1420ea2ad7ebe8c67878ea9830b6e6330b5240db3a02cdec7c9367aa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a1049ddc65b9b1a330abc755397de11

    SHA1

    5eac7a75f467fe9ec368b81cffa0fa9843410880

    SHA256

    9b91a82734665ba7002200a2752e6d5ea1f42efbf6950ff28f81a5df90237330

    SHA512

    d9d417a0e0f12c1659a1dae47032afbf0c811ecad013b1c640c66041c981f2e1a7abcbd3035631bdc9eb2669ba653bee8f326d77562d5974c78e57cf5412047b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbff2753a3d3b21796da97407e351e73

    SHA1

    8efbf9f9ad21d35119668cb112d56425a480cc61

    SHA256

    660e5c5ddbe400efa22ef7b31ab98241da6ff852c3171b802190a25f997d3b68

    SHA512

    c80d4ec32a7d3135684f97540d52f4debfa6ec763e25f2efc5bf1a0f8174521e5f232b1c4324e4b8e22ece5aeab6cffb7e6ae9e2f687a8d57a811735cb4c8771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0320d59b7ed7b1e0db6fab2e272de288

    SHA1

    9914c0f73d026ed948f3142a005a0c80ebd9be9d

    SHA256

    13156c3451b692085a6d06359bb02756c103d4596603175941d4c51d0ee86fe6

    SHA512

    de6ba505f8f27a2f3e0993a4032d1d25a7321eff546e4ec2627422b63b48ab76530741d2e6189869e7e0814ea7a590d6b581596968d5324a0e4699f792a6bf12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    185866d7e5a234bfe12e0f83da016cad

    SHA1

    cb471c4bed733a6239c872fed426cfea95b042cc

    SHA256

    b409b45c6fa3fa73d2707f8f7be531204e87d99496b61e624ebb1107cf6291da

    SHA512

    ac39b0954ec000640898e3a6883c3ab11e8fbc32849e39eae550af4cadebd92fd739776141b14e4225019b136b2628101fecd1b9db81a93b85aea4eb8bc472f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1ef923b8c7033a2c0e9dc039ca5f65d

    SHA1

    e79bc55ac9bebef37f313b7bfc1c14e7a06dced2

    SHA256

    beb1dff78d90af42ebf87890bb788642e749ce219eb165f82aaa1466093c2316

    SHA512

    a45ef0301501f3c7ce4319edf93d12b28e12fc458a0766b313407d8c7561284ec24852e1730f8fa76f526f671fffc0dde7546a9258fb3be839925c44c9f6ebd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    047644dd60e8f15fd2ab7c64b9881440

    SHA1

    17789d2d7456e345a188ea483ae5fb587597d3c7

    SHA256

    3f54ea954fdcf284f6e11a24a321bcbd17db39549b336a3d789f0303fde8f5a7

    SHA512

    4ed5a2bba65dc569ebefd19aea0a4b2d69a3bb5d2dbea43f62de18da25e9239ac3dd7c7deed26bed03ae41c7d8df9b81a9cfcdd7d303b05e945186de6a4ecd74

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEAB0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEAD2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1940-4-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/1940-827-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download