Overview

overview

7

Static

static

3

963b37b458...18.exe

windows7-x64

3

963b37b458...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 13:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    963b37b4582bc3f36021b801338a8363_JaffaCakes118.exe

  • Size

    14KB

  • MD5

    963b37b4582bc3f36021b801338a8363

  • SHA1

    285000b5160ba424e8f084c37a7df99f6e9833a1

  • SHA256

    06fc1779292668a9d5aa606e5d3c06390bbbffccf24023be28a522e182ccf36a

  • SHA512

    63134930f805f80af94cf8220d609359c0ab6fa015ad1370eb32c2936fa8ba40c5aed253d788d961c945423ac64521249835f43f12100b78038ba0b059cb54f4

  • SSDEEP

    384:+7Jn8r3JUv0YLq14ukfaX1tJNNnU/s7U4:QJn6ZUv0RkSX1b+WL

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\963b37b4582bc3f36021b801338a8363_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\963b37b4582bc3f36021b801338a8363_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://a.doginhispen.com/149/in/htmlg3584861106.html?cid=51094673&aid=10381&time=3584861106&fw=64&v=149&m=0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2784
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2664

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          98962cb03467b70c8204fceee427b21b

          SHA1

          0a32af798d7d7126859f5fb9a9e14b3e013844c2

          SHA256

          d428bd017b7ee401f30726cb562c53d5877ff0982648e61261c653f9a2cf814d

          SHA512

          66b14bfa0955df9ff3ce3a1396028772b5ea9ed5c0234e4c3091d5e68001f75a0b7f4094a9bea831b6aa096e563a0556b42671a252b93acb76f914f0e51f4b4a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          64c1dc4204e4ff523d5fb7cda8f35ff1

          SHA1

          535c964284008c4d22cf137f49d3a8965916dff1

          SHA256

          e3f3bd818a1d11e95cf8daa7902e2fb2ebe8002d2a3c1d630fd35b6abc6170f1

          SHA512

          6ef86e75b8a47c5c63239b8a19636840b7b4c319b00cd721df6fe4dc725bf5ff370abf61d1a72dcbc9fa3ca9f8eec964dedc87d67907f1795a95a0d64b19798f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          acafb35b31da191acd10a12b0ad43020

          SHA1

          e77e845a630fc505d0dfc946b690452353fea80f

          SHA256

          4fd5143079fad503e449119f8a32b8ea1f45614355544e7cb4f7570da37f0c35

          SHA512

          aa356cba1a2e10902578d7e514b47a697cdd5412bbcf8187ed95d70b40bd10915ae2493bd3fa451ecfaaa2be93e33688ce8a27afc0e497f02970cd0ce09e9109

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8d4f2d1ab5a595c2f609f91f176b996d

          SHA1

          fe53794cd02d83fc54c048d65758216e262c2ee2

          SHA256

          65b4b40e912f742a29dbc441917d95085f6e6d8eec14bad26c8010606ffc7979

          SHA512

          16d8fd5195c9137ca7d313a56601e113f8a1f1eefc9498b3f850fa2748292c4f2b4ef052230c0c4023aef185e7c3231f0946e2de322dc16f8b971815baa7c7ec

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          842ef475126f0b09819fd83630064b4f

          SHA1

          b1f9f82311316bc2e88e43e4c05a3b40525b2f2c

          SHA256

          ce323f577835920593306aa077fd8b6686d5d3e0dc873682b52f0dfc7e0d630d

          SHA512

          7558b3d17c79deea7e332a0f77ad05544abf6f8c88a0a33eb82313c2bf093c81d7a8d55235279805aefca45fcfa45407eddb759de12156fda6f86c83835d77f2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3456bd4b02b32d9f691fd2214932ad6f

          SHA1

          7b6d9061f5051a77894f143246cc2e3bd3535b58

          SHA256

          258a6b8193d91983cddfa4ea261c687188c6ceefbf8aa6a38adae00d5a0f105d

          SHA512

          5d515dbfb50edbb0aeea74d50085792cc352ccc29a228cb7ebcc8b80079d4ad16d4e10ccac1091cd1e033311388293f77984311800743b51125baf0d9be830c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          17b7a42ccbbbcc2f37ef469705d70239

          SHA1

          7713751c4db0aa7cb40b177f51382a7f1224caa0

          SHA256

          b4190d40aa773d5b12380e34de2686d9cb9a57e4da63696d8db235614bd9caf1

          SHA512

          5efc287d43bef4a9a36f4998ffbafae5cc65e6f398b8327528ae9c4b2210211a3b16701fa0f6d0635656a95237dd0e7d318c94f3a7c0bcf10d2c0d9b8cd2728b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dbd2728debfb4594f191ab9c31027f95

          SHA1

          ee0b9b8da8a7cb37e5c57ce913a490defc43a90c

          SHA256

          2a92d2d4f56d5f1301396b9a1ab37ed65cbab71dadb197cfcdded89b807a615b

          SHA512

          bb7cd7b76f04dd003de6b6f4d51043142581ee4a86bba4324582e9dbb30a003f2c2ef7550164201186ea9e32eb4a378d3905c3cc3a85ec2817d0a7cfc7fbf32b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          10703ce2b4306fc18b5f0ee8e837fa1a

          SHA1

          be10322737dd820cc5df1b1b0e961a48a8c85a31

          SHA256

          bb3cc765e41237baa649f21b29e3db4c16606c17379828b95eda32833d601d5f

          SHA512

          26da545dd33333ca5494d7b77d4b61bba6a39f3850d64e1cb0b6c58b9584a6ba1a190d2a706e349b7b043a99245a93a1d6c6d5a2f7d0ae685ba7afaee008ce01

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ef30180d58856dcdb77f65c21600fd07

          SHA1

          0f530472be74a62d990301588e5b02a7bda0d1c3

          SHA256

          65881aa95ce3a5eb390109f2204a63c2f1b4ac8e1087b0cd666c37d8fd8de8e1

          SHA512

          169af9e913d280809a51a022917f64be481012962957c233bbb40b7bc6bcb4ebc781fc53cb767d2a41fc090e406cc2e0bb6ced4060f9f20351f2a6a31541de1d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b93a089a6015cce4a4dedb9d5b18c19a

          SHA1

          98a1c22a874c17b4ea31eb5fba276914489b6a29

          SHA256

          909f80bc387dec6e00d46e8cfed7bb5e94d743a1fda9e25d935c36a0140b5054

          SHA512

          ad387dcbcad61154932e7ea9f36f3c0238919f9df8d3566425948e3b6dc602469b6f0b61f781be4c9a1a0cccb1899c05f4fd493aefb60556e250814647924c52

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7ccc5331149100a9b8427e5e4cbdc7b3

          SHA1

          b8d3161b15bc40a071ba8689188509d8980a49eb

          SHA256

          9ddb0c6c25cf6400c76e19b718f78cc1af748f4b35fad50f90a4afaa7068f614

          SHA512

          81dd0316d6e9336215a70e55eeac10bb6ab284cf80694f4225d05765c3279ada4356526949b05ea062414a5eae7fec0c4d80c7ce988a74d74a5160529986ec8c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e718df4f45b3870e098fbde3990d6be7

          SHA1

          df1d7220c9e78b78028f282ed121caceae50351d

          SHA256

          7c6f5b3660cd71418e6caf24cc6a8d2d3d9eb5a1d94154bf72150dbd7eb673fb

          SHA512

          2b28041050a44e96131e5d00dbcab6252b13e447be33427643a7e152f4d47ab234fb3e53db68770f46b2446d31d2ed073f83711a9a49bbbcdde0386f0a5e0169

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          925f29f362e6357cff24e83fb17df403

          SHA1

          6399b3b4f709705511028501ad04798352d20c5b

          SHA256

          9ac0679d91957cc0aabf6c12cb15e82ab0911f4d6ca081bbd60209ee5b799445

          SHA512

          a5f55bd3aefaad5f07bda238e9eb91eba77cabe2ce3b146b48c7888fe14f510b21e5935d90cfbf9729d6f81cc1129caeb2256294ef1fe837ec6736e9b4d2edab

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8b943698d154e17e2dbaf74389c1a562

          SHA1

          bd10b597933ba3c7a356065bf1ee8759e045c387

          SHA256

          5ef703abf72f583b70e2364a4a44400a77ab8e36d05393470d4358d90b753225

          SHA512

          1540f27ef936713f59e791e2d73f8f3473c738eb59ed95a646f6d3fec0e197d94200bf2ee1bc492f54962462c96ac9584b7babfb5379d16db9104e7503ab1835

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          503a45c8a6727c9101911e95a91a401b

          SHA1

          e6206d7551364b58d9e7dc0b928e5fe12a7f9177

          SHA256

          4518dce8f7d9b5933e6d50f37ff159ae4cc349e972a5087d534dfcad20279e2f

          SHA512

          70f3ae441f2498b0f109df79a783c4950a7e61aa00fee71dafbb8d08cd3f8c6df99ef3135a7c5ab1498b8a0722c26ef621772ff09eb742f23dd235e5eb99a574

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3c551f36d54388aeebf42a23f6a18fb1

          SHA1

          8ddabcb4d9c5d84df788317351bc146280c51a2e

          SHA256

          64a30a22373e67beabe1420b17573084b6a6cf6d5aed2865f0337be3c49904e7

          SHA512

          a663fe82bdb183dc6c6c70839639bcfa9e5e7dc16c92882a98abfb0d0b6ce2f02989b5f6a4b8ece782bebffb85117c1a10cf8832a94d8f5d94248bdd4d8a1538

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4f3f68fdebd266b4cfb1cde15ae54a60

          SHA1

          2cc0f822f48b2cf614e74e1a05ac677e65f53863

          SHA256

          9d9b7dc7e19d4e1dfa37f066c6d5f12296d86035aa3d031ae3f8669ceec217e3

          SHA512

          e6e342a786c07b41de5d59f0593b2b0a4e7a5484b9539a1bc31cb7cf66de27ae3ee6e9bde316e2d91351e682c5e3a5c7f3cd27cb99efd8beb768dde3694049b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b4b8d05839c7ea6137a7c66cad08024d

          SHA1

          1e2841d2f2e4297ebf6ffb361a4e008387267b15

          SHA256

          d3e8aa7c5c3bad073fb3b021be60927848c3db9a4868877e40d9e51c74050158

          SHA512

          ee6551429bd29f479f75f904cc1976c0dcbbbaa755c63a0f92cb3e74f00b92db62a7e747da5ffabed0407bd8f01eb824f4a83594f55f16edb93ac1ebdf120a17

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4BEF.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4CB2.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit