Overview

overview

3

Static

static

3

b0991ae78b...18.exe

windows7-x64

3

b0991ae78b...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 19:51

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b0991ae78bba937cfda1fcd98efb82a5_JaffaCakes118.exe

  • Size

    184KB

  • MD5

    b0991ae78bba937cfda1fcd98efb82a5

  • SHA1

    d452a549306b9b6483e9026c5d5eb1afd0a758da

  • SHA256

    cbd826877bf1b0065a8e941d13ea11f08ab7f3c997dfbaee86860d74108da6b9

  • SHA512

    3cb094ca04a615c671e5365127cb7bfa225282302de1807066c50d0dc4500eb86d5029cd3a8b0fdd2b1b515ba3685c36a27f6eb82330cad44523609b8e74094f

  • SSDEEP

    3072:chNA5Ei4t0ydvcLHFjbKTamoKvU4WCNChP5VKZOYTi0TzYmmpDxBTrflNznddBx:mNAd4t9tcLHRbKTaEvUlC2WZoQipDx1/

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b0991ae78bba937cfda1fcd98efb82a5_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\b0991ae78bba937cfda1fcd98efb82a5_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.orkult.us/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2864
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2676

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7dd974128261f3dd71b428fc48093aba

          SHA1

          7d3138040b8a5562d390f65b5dc4f593f58d13fb

          SHA256

          1e86ccb24defee7f4bc1dcc03c920a18cac72c5e66e910a8460be8da8de812e1

          SHA512

          b3212fa8027360a8a1e03856f71a8441ef88fe4ab33a3dfd75fea1daf8b2c86ae89f2df37138f75a207d99142f1ed6d5065831ddd5df795d9b51b80d1c164fa9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7a4997270ca998b49d6f11176eac30cd

          SHA1

          a4da2e61ad00081acab1f23579b1b345b5f4b4fb

          SHA256

          2be845b9f0a13644a7676fab5ae7514490ce5b2f2de4043a2c6f19bca701275d

          SHA512

          7541a540e0c555e60b0c5b9aeadbf4f6517b3266a549c56f9d1d2b90fc9cac0d6e38003b365a6bef608e053086a21e226adab4c3d33defb0b18adb33d935453b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e0f7291ad9e3bc2c31e2679d2f0252a5

          SHA1

          4bb829c2b47535d7635e617d5c666c95aba4d2bd

          SHA256

          62017fd1f69e450cb3c3c2d9d66ef654cbadd675de58f981c377f821959d0c64

          SHA512

          4c546d9c8a75f185af3a284ed809dfbf087482315ef8e7de3bfd3be985c0b92d06586ac4a0ece4cc0a42de6f5893d4a9c7e323cbc3a17df109062685815b6190

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          666acd02579ffcd6a7d86f6944f1c61e

          SHA1

          ac5529e3b81e311f01890e2c87776a5e853458e5

          SHA256

          e40c50f1d3162bd592b4b060ffb318b4837eebd334adccd407cc6cf72796e9c0

          SHA512

          a40bd647e1ac55b049393f2f9bc951079e621c42fe1d9a2e4643f8044feb4360b1a6b79dda71a566eb8728c0be2a6f8e941715c055b66141aba0a872a069d843

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d612716d36604faeb4581388ce890878

          SHA1

          0e4d2b86be2fab9b0cb72a0d31228da1fa7bdd13

          SHA256

          15d7fe6a675b5083a8ce550f8a9a0e2a3931b222dd8a7a600c03f1a6e82a2e50

          SHA512

          806dfbc945a38d1f1d066f1fd7cb54e93792bb3cf42dd1dab7d8823cfa54f006266b6bba7eecdb4939b1b17e86f04b437ad14303d0b9b530199def76f7ffe004

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ca84e52c9317355478145b666226d3ba

          SHA1

          4813c33da3184b600a2d9143841b3672e4688204

          SHA256

          539aad48ec705d08b237512b234f173eee3e124aad6ef18427628ca3776717da

          SHA512

          4ac5c1df88ef1bee1d43fe0e0146b8b2e74d2eec7e7a1a07ecfc5adc15c69dd0bfee59949c47eb3f1244fe968c68b144c926b76bc9c6c9a9756074c0e0aa5f4b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f5cbc7bffe898e2db9d27a427034e1ed

          SHA1

          68b8dfd1ea067994197e97b1d5e6965e5fcc070c

          SHA256

          954c8cd541a3ff1aa25dec967c276289a4f9cc97c01b8dc1a029639f306ec86d

          SHA512

          ab5447394ba88103f356c35e88dc7cfa3c77a938dedb8236c60ab1a8c17fddce9c1f87d8e02f018abb2c89782762e60dc0c6d4ae2b47c7d822447399c16077cf

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4c9d7787f7dc53928aec44cdf83ba176

          SHA1

          fd966e22c0077c74571c83ee428ec6604babb27b

          SHA256

          6c0906f1916101ee0a68ca6df9a6683dbb9b2987c959c5c8d9e7c795f69bb459

          SHA512

          afcb6c4e854f0bd59fde5648c502143510215456205576e8e2818ad95f4e559d8a2840983e2fc3ef817a85f9060fc68726b3ea83089b62044ade7446e610a28c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          41ca6401d5affd51291ffaaaca951478

          SHA1

          8974ce08f33b191567455f832d074463f28461c0

          SHA256

          5b927d1abb58c518d86ad4f1c2a7485f26354ee04aa23faa6f7b5fcb0f00d1e1

          SHA512

          625f2384583237fc18c648457887cb02495c42958a9e76f1c979a1a24b998eec3e775f0d52b6b17d4be8f92b794ac6ef50fc33e6907591e4bf4e2ef797a756f7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7e0ada85a7d7527b87e1800b637a2fae

          SHA1

          9e735763e7b7db40d91cdd31cd81cbd39ac78fa2

          SHA256

          13239807603eabcedcad6a6dab5d33cb70fbb13d2e7dcc0a870f4c29ccb58266

          SHA512

          7cb276c468d5abd974a93919774d42259024a6619a416b2d4c0bffc183758f2320f6c05a93d9bd4867c0d8e02bf85bdc9933553192554f7dd5fa5960e75ed81f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cf42952f13f1e563ba01ea64cf3df069

          SHA1

          c4583ca8ce20e9996b792ccf5c71b0f77077118a

          SHA256

          66aa3e7c69c620279a21944e3c0886f35e0f26a25bf75610b23ce4209c957df5

          SHA512

          345f3a7f68fe2720f984f2b7bfcb0710a612fbe768fcb41f4946385ce42c3000c3c4e729bb7e84db129a758006a2800041b780251690cc87af4560bb2a5e58e5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a38a35bd5ca945365f272b13d93cb9f5

          SHA1

          7d09da4141d3539b84cb36dc96e9a3ee20d1ec64

          SHA256

          bf1246308778efb976d6bffe1e40dc6b66ca141b0d35ef2d3f874a0354b9fd54

          SHA512

          8e46ab068a0d30567f1f9492920be83208a28e673dcf86ff95980a8f4f317890bff6815e7924993d210714b847c699481cc6f1c6528e53a4966b48c4074d1714

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          428760637bcab559193a1c7f4b6ce155

          SHA1

          cb0fed0a4fe42b24f28bf397510fcf3bcc637b6b

          SHA256

          02806892d20484e3d92ef6fbefaf6689d2791c861f44cc051ecfb3032832761e

          SHA512

          0e7c933938ca001d6070d0e1811398e63ac14ef965be92424708e88911397b6b036cda0877626c63704ecb5de07bef24713b45d85ae782ab8d071a1906d9821d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b8c398fc93107a7b176a9975aafeff6d

          SHA1

          313a0bd105840fabb8ad0f7d7d60e21ec35c5081

          SHA256

          30407882b5dcc9838d849d66926e4d8f3712cbf8db31d4b8b556c356c4b605c6

          SHA512

          668c58ffb4e0afb275602f0f57bbe62967d723ebe856201f241c10ff99b1f538186d138f2496b5ac5b7c6e9b1f1fe94afe9e932a1f678dc2bade73956f1cda13

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c077d31697706c22b815b696e14cb8c1

          SHA1

          ab77506cc1034a80069584896958dd658fc4bcd2

          SHA256

          4920f47228993be2efdaf8dadbca4874e094178ebeb0e65aabcd35d168cfdafe

          SHA512

          f4d8a2457becf420f1c8049c8a99b95011a83834e81c321e4eda24b45c2f597c7ba44cfed1a54aeb638f75c66baeae3aa896ee680c7411aa14f671516ff20853

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          494513d2e3cd7a1083fbd3d6d9139d0f

          SHA1

          b9f7406e72832cd4a61522ab405e7270bd1c1bfc

          SHA256

          e4af1a25c73799eae6bd7d80a433c6e863189646b0c4660c2299a3cb25606494

          SHA512

          03af995e55eff03883a23ac9370309f4f4405d1db48e092d3b6c8b4e2476b385ea909ce1b866deef21515dd959274d3a697878c1288bc0c3280785e0869a2525

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a65406870f71cce887ac684e8b4430ae

          SHA1

          3ef84436568ec32445e38d87280c7a56f798fcc3

          SHA256

          fb7b5e9c6f30f106a764ef800545ca907271e6f148819287435732de9f9e397b

          SHA512

          f3367bac78cebdb7842c4c86ef52eaf2e3eae24c951991eefae15b3059189ca608abcaeb6165a2c533b69249777d403b338ad085ab668d785beef8bab8d503fd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          31c7d69566c2fddabf28a90111b6e6e5

          SHA1

          63f60f314ff8b6d5a11cb20328ae518a54641863

          SHA256

          0c2b597217ae56a8880a58e1eb4d5c47c5d1cc3fafd94e7626bd8ec1f757c3c8

          SHA512

          db487d7c2cbd70faeb2fcaa58266b6322829aa74f767c7c45c7a6633272904ed79ec819047d06a787bda682856faea7c0ade618c6587dd92e167e2f171149a54

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0ca01caafe72ac000c15d51dfc732246

          SHA1

          57802923095e236dd0a30bcff766785e158d2f9d

          SHA256

          2ffce0ba092dffe94b28f81aca07eab9955f1525ca6705795fabd048243617b1

          SHA512

          d10c980c6f58b91cfc0c101a2c4ddeb059b9b1c657121a3382e9730e5f619d8f3b04bc463fd6515290d955c32f9dee10348c79cb8fc7939445bea539c02d74d2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA1CE.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA29C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2692-1-0x0000000000400000-0x0000000000465000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2692-0-0x00000000002C0000-0x00000000002C1000-memory.dmp

          Filesize

          4KB

          Download