Overview

overview

7

Static

static

3

952ae0d365...18.exe

windows7-x64

5

952ae0d365...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 07:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    952ae0d36581480373616b546fbeb56c_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    952ae0d36581480373616b546fbeb56c

  • SHA1

    99063200393babc4c3b71688591fd44ee5f65ada

  • SHA256

    d2d072b1120aeea81c76243eaddb3f4f0bd575d3bb5c19e1937b191610c1da3e

  • SHA512

    30d369cc524b8f1f694a216df61523466ee4f07d03822dd6a8cc9d9e6324aa311e1ee0b17105c2b3caa32a491e30418596b078f5cdb244845b87c5a6c5fa4475

  • SSDEEP

    24576:HfDeBZpMEFh6pboavycN11v6Q1SUIQnYdiHIfZYr4WPbLTthy/9r:/DohcJN11iWzIQnYdsIfGrLvTmZ

Score
5/10
discovery

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\952ae0d36581480373616b546fbeb56c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\952ae0d36581480373616b546fbeb56c_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2448
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" www.dnfjinba.com
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2736
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5326aab8da07d5a03e15a447b19bb597

    SHA1

    da90ec6c4984f9efd49ab24311fdff43e49b0162

    SHA256

    cd2b3658cb445fb3388046d2a636ee6b48e3b560ef35457fb1dcdce8aceadc22

    SHA512

    d7ec44c76739e7cb48f25e6aa42ada212fc9b0a19aec0d03ffa59536c7090bfb1235c64c880fe6714452e8452bf03ffa60ffd26b25e8e18459c8263575b94c0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bab6490e0d65f8560ef68db7fcf6ea1

    SHA1

    2a7e40217a91ca9cfe219c1812bb49d513369b3a

    SHA256

    38251da11ef3dc68cf473b17ba6701011bbcaea9b542dbe24eb9d5e1199e4eb5

    SHA512

    3349b681f38e420f4f2a8aa4f9a0c7306c5496ecca283eaeff2bae75e918e86d0f8a9f51dec3b778c6728f81dd6b56e6836971f5ef87833c2290bc4e127d083d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3efdfeee8940f3994d4d2f1593808a1b

    SHA1

    13864d5c1f77bfa95a9b47b5f4a9bfced3728da3

    SHA256

    8d258a3199e428bf8f31220c6854dce84474ee536b4886c17e3505953a0e2fd9

    SHA512

    b6def1bfc356fd30674ee671034c30b924fbc7cd661ab235764fa87793ce7b0d0c251ea5af19b84b98d9ebd3c79ecec6f7b09f9db430ddb643f0c7e337f11b5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7ef9438cacd47bebd541d5ef9e68210

    SHA1

    2e62d48e0f1825a9cdaae934bdaaf389de693ed8

    SHA256

    1944cc253e4100bb1d6a82448e58aa472b98ae03b57a48f2606a6a349d9744b2

    SHA512

    678e5b93aa773534cfd27f87c3162c10d970d135b197bda5854f005f7c705b67927a0210d91eb1676971d6ade10f935df52e7e52d639c4ad6141ee43870654aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20266619c5eea3f175519298d3e65bc4

    SHA1

    fb32e9e73bee2e9dcdada3028d20a82807724534

    SHA256

    628b86b3c253758ea4900ff8a5af945e91dd9ab83989d81cf351c09ef98097b5

    SHA512

    f0582f554a6e2349326be92da301d05525935b1662666ef60cf3f9caffd44d085838104353cb9ddd9de8063e376ad653e12ccd94db406b5e8800809ecf72cc68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40977a3cbaa3b591bd8ad6e5378d8abd

    SHA1

    57ad5b8014e4eb598a6ebb3d7b7e2f229abe7251

    SHA256

    5cd17b089f8b20efacdbf10cd2bfb47d224f4ba96be11e0b2887b7277067befb

    SHA512

    160e4f29ea4a6cc7675308be3004682eca7cfef83f90e29ab2dfc25d618a04a41d12202392276b6131606c19a59794fc7c763052ffe74dc4c383bf62fae36010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b706dc956b788b1a0f239f2f3ff6940

    SHA1

    1db7203937e2f24cd2a447a16a14bf90ba4d6fab

    SHA256

    d1bd3c3f71ce64d5f3850e4742764c2005ce1496c450e92dc6095055ddc771b1

    SHA512

    5b2ea2f235ada9e8477dde18fa4c879f438760ea508cf4cd83c895194aabd59a02d1461ff45661d7ff49907800202a229b7092a296ceae08ba84f544e84d2a8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    846752bb086add9e683e05f8fbf083be

    SHA1

    b1d0036d936b10946fa5633524c26ee1e819a6e4

    SHA256

    27637dbfb7bd3d95e7f0d2026df52bcdac9355c2186b14b047fcf7bf5c646a68

    SHA512

    55c76ff1c1c42285a9ee8db9b2a94b126b21dabe627ab096cbad83f4ed46c76017594ab3f2c1ab288950096b9a509487418da8e4b3444321fd84aca1c67f36f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2e036f6c60d49be83694c0acbd74368

    SHA1

    278c6ed5e5765d4d9a5308d95e23a01da19fdcfb

    SHA256

    6a16987aeb7db45269df50aa5fa086f94277dec0437f11d11ae78f53c61c82ec

    SHA512

    9223160e213ffc8981d8863c86fb6b6d25e192bf1ce1828b8acbd031c5b0428670389446772ec6bacb238f59437729b8a95a028633d12597e80bf4f036cfef35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8373bfd57d1fc7f582f7efc7c5357018

    SHA1

    db7b8be43b002c3eab2006039f4c17e032649ff1

    SHA256

    6354d9cefb1cb118eb031e693318e669d29fc56efcba755de88ddac0e14a0a2e

    SHA512

    70d1eea73b9efbcbb8ea1a1764489191ea901dc5001f6c9ed6d953021c0fda55a6c5258c4228063ee3e7d312b3b5d928c72db7e37ec47146a2ed8dc86d15d680

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7f6bb9d358cddbe681a96933db6529e

    SHA1

    c6620540a6f54e05b23a6646bc6bd540b9a856b6

    SHA256

    3aab627bf293d315f20feb5a4c91fa5ae89747dda7661507ffde55db11569dc0

    SHA512

    ce7df1d4b88e8089f4c64dad2d75482748b938b2120eff6c28e1f815dcebb0685a59230d70b89f16a3caa936ef27da9952adb6049aa70598ec1bcfc44f02eefe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    616fd27125ba228eb1ee8d03b4679f27

    SHA1

    4ccba7cab1f28a0eb35f1a42074a889e3b67bfef

    SHA256

    8bb84f7733f4e90150f67f939fca5235d0702b96450926b009f29721cbd6da8e

    SHA512

    289dd92d9e7bb7d2fde801913d5301b8408f22e8cf9e5978052271dc61ca2f5ce2d25b6d22a8e714e8b1d0b2abd2a722d8898b729a661fc9080ec452722f9069

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71395e25a26d31f1416abd25ae48e99f

    SHA1

    28acd6a7475b6a367864d1aea790269cf2d6d060

    SHA256

    d5cb78c8acb7329abe8c922b93d4f1d4aef410b4cbe2c3738d0bd068943dc4ec

    SHA512

    6fe0ab69c37d92c87caf28f14495489d7c08c44ee6219bd245d271352e64a0f773fc86ce2fd16c6792f329b30cd61089b68dccab531858218ba89d74bb7eb3c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b47c22dc03b97d53564864ca91520c8

    SHA1

    d23c65320e443ff5a1b0ded9ee48682f79a74217

    SHA256

    c2148caa5701ff756072bd9a53b7e0d4ff2f2737bdd43dcf8da637bd415364d9

    SHA512

    1474f1df6ef8b5c12451fac7f961412e3ac05f4a3e1e6a0af8cc29a17f04c7957730fc982ddf7e00d1790ea7e43103341046a06c32e41da38977817c4197ee55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    284910e9f16218d2048e726c9d41c2b1

    SHA1

    9b288492b7f86511923d7d44eedc527d3c435876

    SHA256

    5ca5598ba811974c4b3454f329451d1f0ed7e2a967605e1b2f54382c3702d6dd

    SHA512

    3d0d320cb3d78b6cd446c55cba328c0e913832dfaf5e75396539c2f5f0c46b8c20a2a25e3c272dba78e408bd2d9c014c70d41ddee1d4e0e95f154479ed4e12e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff9b52bb7fbbecfe793172b55d162c1b

    SHA1

    64f31f451695b1236bb3d97ac4b65a00e579ab1e

    SHA256

    6f9dc2f51059a22aee017a0f0a9c2bcebb31596449e567ae918e10e3be6c96cf

    SHA512

    49e93fc2cc95d60b1fbeadbbf8d3b58426addc93e61c09e0ecb03655a92aba4b995f4cf33fd57aabadc8b0ef33e65b66f006116271294815310c6e184061393d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2106cffe13f903db66f1d51e24353bf3

    SHA1

    1fc975648c35b4b182d598fee611f20bcaa6d522

    SHA256

    25316ebab21210c60e3215e7c7a2c2fe95120e61a48b21fd04c9caace8dab150

    SHA512

    b3bab377267890b0c3de41f3bb3b667f703ecabf36f869af1ca6cdad1fbc4bedc9220fcfe17f3f73082c96664dcd2d57714edb74504c0b1ac80bdf8b6b72c0a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    460017e1ba8f457148094247acc54aef

    SHA1

    6e26c69a85401d4320f67e71e4c2e9dfb75cbd62

    SHA256

    c2f25c971f306490c0a68e6eef6c12eee55525e630c5fff0935e276ebacc0d97

    SHA512

    ec9bf9e9baf012955a6ec8a22d4dc110bede24dddc92deb687eebe2946591e82b6ef1196c0321935693113a07d043c9d4d7adcfdf2568ab69768a234d46f0039

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b09c760c415a1dcc90178b79f854f59

    SHA1

    665cb0d50ab5a8d2c815b2b99ced07eec98d5443

    SHA256

    3f306d89c13805e607ecc19681056dae418e04f1e8a3342b590faedc10e4f563

    SHA512

    44c39ea5ef1acba402674534b1eaf7db5a18e8c7b1ac6217911229875348c1f8a6a4be1753808f7c733642094f751a726ce58c2fba4437d1a24f4045d00ea391

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ef732abe1891ec0392825f0afc92dd6

    SHA1

    26bf8c8e8100556d42e6dfe8e39e9245b8030629

    SHA256

    22303b0d095fc20e5c4683995548b6062791f493ab043f3f3fd684b2a9bcf6d8

    SHA512

    ab2414318ddd1cd6ae014bcd07926da34806833b368649390c2827a20eb3ec972804f7c72eb8a1b606a65d6d2e8b7085cb9027a87983c646955ed57803e9de54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3fea899256a4001eaeba28fafe2396d

    SHA1

    eb1d901efd35fa78210bc8a46e67d70749fe720d

    SHA256

    e293b44be1a7e2b2a75a235064a9e4875fe267bd4675cb6cd257b2ff338a542d

    SHA512

    4691a58d4d383a5c6f69508f594e2c4125f6b363cbdcd71249a321ce6dd420c8949be31a8a358a2bf5fadcc0f86e6ac8824ad75920e09ec1c72f0bf73e6c2e00

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1D53.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1DF2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2448-443-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-881-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-444-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-445-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-1-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-446-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-448-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-447-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-882-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-883-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-884-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-885-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-886-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-887-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2448-888-0x0000000000400000-0x00000000006B0001-memory.dmp

    Filesize

    2.7MB

    Download