Overview

overview

3

Static

static

3

bc1e1034e5...18.exe

windows7-x64

3

bc1e1034e5...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 14:29

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bc1e1034e5a53ed2c30b47dbd987e60f_JaffaCakes118.exe

  • Size

    27KB

  • MD5

    bc1e1034e5a53ed2c30b47dbd987e60f

  • SHA1

    c6252ffa43578070ba9a31e61bdb86cbd81e5e14

  • SHA256

    cf0385bab7221fbd588023911a72b45ae9ae7c84e059303572f349010665da8f

  • SHA512

    ea3e184c01c2962d8bfbfd3135558fa9cfdc7c483727f8308c3b24b104ed0aa0eb58f9ac1b1d6ee11b0ff3fa0cfccf9096de808b8a640f92b3d0d746e23c5819

  • SSDEEP

    384:b/X2vD3xbfTdhmccE/97sEkU5KQVugbn6ajiXSaWH6k64Ltg36Ohz6wKD2EKW:rX2N9hmccE/NkUEQVuhBWakrch+MW

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bc1e1034e5a53ed2c30b47dbd987e60f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bc1e1034e5a53ed2c30b47dbd987e60f_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.flogao.com.br/ilovegatas
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2304
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2304 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2836

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          cf82f69e47bf4a9b7171fe199556a70f

          SHA1

          0f4c961a6ebd21b7afda18a5708fdfe7b312daad

          SHA256

          e60de068e1755fb46fce1098c1058b3deebf6c38d9e1c1d33eac07c12705134c

          SHA512

          0605ef85ce02b31af0a1a1d435c975b94d965c943a556acf0311312e6549e8a209b5e3f8b95cb42c26197261dc39f03c761bb3fc505b1726903ccd3a0a2ef090

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          83f788c3b4bb7eb4f5017a56ef2a77de

          SHA1

          3514ba970d360f1b1a01244b8d8acbadaf77adfa

          SHA256

          019c883045181749621300c96d41e33fb09b76e7e81f1c83e519d8fa79a75680

          SHA512

          5e1c7755066fcf3fa67f0bdf868cb48e348af7d0d0022398ae91fb98763496e62a72358cccfdbae63df5b4307f25f15f90da40ed14ba6220936f3b92afd29072

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          824b4cee552b65fbcce6f19fdba474fc

          SHA1

          2a4f40e1c0115a328cfb25cab4b2dbdba93883a0

          SHA256

          69525a38c17099ae2a1ea292e5cdb5c9858092908aa44c54121515f4c4e31e45

          SHA512

          7b95460945b2e00231e8789c1c14feacb54c126432657c5de755866266f3aa2a37c1fe690f529d872419edfda2dfc42ac025cb301823031a345ad56aabad0567

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          62a7900eb0d6067c5d564f918f83813e

          SHA1

          a3545fc9551541de4b4b6548156d29f14e5f4b6c

          SHA256

          540b31d03b972391192bacb80ddc7ce409ff163092f0592caf3ba53db2983083

          SHA512

          70539086e1cb59924e18f508e97528e06e673b3b23194dc12ee8afe680403bc6edecb773fdf635c1c9b4988800f5ca6d58ff89935539d55c3ab1c40446e5de95

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          26b081f6ecaed9accffa5db2e2a12320

          SHA1

          3c6828e756d085fa6a1388a70885c9fff6212fb0

          SHA256

          94ea684ca514ca47e5032494ad149497f8c57e5cd51240870b17a181501733d7

          SHA512

          068f4e803d0a1a92582860450dd1e8bd47f3474153b8a5ceb3d38a1bcc5530ab533aaa3ac452b15f92018c921baf0a8665b1963372f9b9b00e92d49b8b5d8537

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9d814c54f84e5d2f9c1aee7dbbf180a9

          SHA1

          ea966e539c4eaa3c480ba83567c48eaa90b2bf15

          SHA256

          60ab49012541267ae9e7e9e38080f94904f320e475912298d35c44304f3d93ca

          SHA512

          67a87280f2ce26dee5d2f7635aa642ac57071d78069c82938fb34fa47d5cfef7b1c99aa8a34b8cd5d18ad1b62129e7136b0ae69786d0e830d91347c33a816501

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0996805f096d180d1981c0071fd35622

          SHA1

          42f2110743667b91bcfc53248457a626aeac27cb

          SHA256

          69b32cdaa3e8e2879aac850ad97a307365f3aef330334c56a89c07a62f960b5c

          SHA512

          7eef6068c2246e90157077b2dfb69f83e11b7ecf6169902d52c5105ce8efca3309d6f9aa5aea3edda1eb3046cf66ee9aa5c52920f630892a813a1112a6851685

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          49b468a5fc15b256c95a7b581995d9b5

          SHA1

          b852c403c7e374cb511a072028c5e5ba1f1707ec

          SHA256

          254cec8c3ff09b2234ae658681d6ae38e513f07f3c809e65d373437416afeda0

          SHA512

          6b7b8a7c096ca967686e306fea8c895a0ba224f80f99f2c76787e48d9846f9a5ea17639730d59265e7f345efb2d1ec3e6dbc2feab5e83aa1661758adbd362cdb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6232c2527f590087774fd9bcf7f3b9e6

          SHA1

          59b6f0887408e66959547f29bd071680520add56

          SHA256

          4785a14033bae8714bee958a86f8f77b50d301c694d59079ae4e1e265ce0fdbe

          SHA512

          6b1b8c61228594deaa15b6d0369c281ba1d35ef37f1aee6cbc18411539c4aff166629f45ba65abd6a947c5373aa0625b0fd42928e1bab93a67c9bec0c9d658ac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2796d1e5eff4b00ab7d8eb6402c5abf1

          SHA1

          43fc27ec27db3cae8e0e572d9312d30a14dce85d

          SHA256

          36a1c12d0d6bb91fe3cb4833b382fa882dadb0ead19c1a49b8e400593598440a

          SHA512

          30864f2c83dd99d1357559b16f9d141582eb762f5612eb4e59f7a8ab663396a3019d4327f5d71521945b7474069ae012624625a6ad251594aa731156f15f5638

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          283d3a3ede052020892ee5c556372b70

          SHA1

          12a52bde2d14728d40ef4975313180fa33a8d481

          SHA256

          8b6aa3de46c166f0d5e8e887be300c26b769aee57c0ea16dff13d873f5ddec34

          SHA512

          08b87fdbf9d2413a68517223c8e98227470b7a37484f86a6a22c8e248a010e3676f0ea1f55ff23f4abb784a7f373dd74137fb9c729586bfc0bdc476ce2b3bf5f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b3695a2a3037c29d38db5055ec55fa0b

          SHA1

          58ebe112b6df2deea0dce269e6122c667fff8152

          SHA256

          222845505a3c4d7810c2eaedca00f94ee1aaddb1efe9a8574eee44923c316dcd

          SHA512

          4bd342972cced081749ce3156f35621aa1b131db276daa5459013ea51a24e9cff8e357edb3cd0565e423ee56a22fbb0d5914d7e639fdbb4ac8892eb0eb33b614

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          61b9ea28e80e9d44032d79a225708805

          SHA1

          db9bcd1ea545137ad38cf9ade3ad92e0f8942d68

          SHA256

          aed3940d418c0b2a60e073be3e4b84bd89dd5efd5233dd0341b5176083125d72

          SHA512

          b21284dfac9fbaeecc22a5da60a3b6bcd2f56a4eb0bf571668b27f76b77ab7610ad5c97d2b6827e672106b9bfc0a3ce29098414a55cd83df98edccaf623a1cc4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          054153fdd63165f68f17d4d78ae4bf17

          SHA1

          608910a6032b48b4a48bebcb73e9090242023f05

          SHA256

          6e88f84b06bfebd31e1a8df03f9336406a5451939d878fdcf2e3c6407b4fad5e

          SHA512

          c44c090457eff1fe1f0c675972fbed6cc04bbd9421c6705dffbdcacd62e190f60bc346ece1b79e6a911501e32309a8114655ceab27d7dd144288ebad64288655

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          36571b8fc243d05342be9e7fb23dcd03

          SHA1

          35fcaba642886c831ef1841e9b021034f8c2b081

          SHA256

          f1a6dbb66fc9f8e0642d3ab556ff5b568bd88e026a77337f1e3f087fb39c9d85

          SHA512

          25da7fa8c857a17bbdd86e516b8fad908dcaa770282fc931d4a5ca657ce9da9abf59a94205734e99ba29d8c0b6222ed056c755cc1045d83cd78a509b4060a851

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c552054a14fb1403601bae0a9bb6921e

          SHA1

          53f451206f86fe52a0697be95b7317b20a5ec4d4

          SHA256

          5520c0b8da88843e013c518ee3c985fb80285cc0d531a06da76f4a8cc975e939

          SHA512

          96adbb57650133c264d5b4d7025ffc68dc06279d6d90897acddbfae877f125ab359ab0ddd661336027cee17240bd9db16d48e06871461d0732eea908dec5ad55

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          871e175774dbe28de816574878607eab

          SHA1

          36af3a4301fc61b4de37b23d250633c7f631f1a6

          SHA256

          bfdaf227f3bd9472a25203735701baa35faf217e097eefce301cbfb6aa254e8e

          SHA512

          651ac1e84a745cb85ef7f98d4ce4e94a58a54bbf6016fadeb39a3187d8b62575d41d2cf1d67bc36b40e5fc8adc14c443cd12724e274e317ad00ae1898e315a88

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bea703af3850229d774cd6009f63efec

          SHA1

          7bec404c2f69ba9ba1873f01b15d8dd3b94ba213

          SHA256

          818084b788ddd07d51349fc8f5862ac5982847248718952035fc4d47225e5ed4

          SHA512

          a68892b7c50f3106a2c7ec80d7bb922d129ef4ba7f8b96a59ee0b18cc90d0d283c912a899a95ac4bdb4bfa30146d9fca6d187de36eed5f5553592bf430ef2b86

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          449a452433fd9ee6012b384ba3e26ef0

          SHA1

          10ae9bc2efdf0d33e1838a53d260f7f251d02c60

          SHA256

          adf2123fb963cc7f12e7c3e74c8fb232370e50c1dada58dbd2db5c0d6a15bd11

          SHA512

          99034e5e83a804fc5372efcd2f42642727a92af9be1b8a93c86697ce3d382a77270390d7ed839db643b6c2e231fa1f241cc6a83b0f0c8ccef256dcaa9fb4f3f7

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTBGGANG\styles__ltr[1].css
          Filesize

          55KB

          MD5

          4adccf70587477c74e2fcd636e4ec895

          SHA1

          af63034901c98e2d93faa7737f9c8f52e302d88b

          SHA256

          0e04cd9eec042868e190cbdabf2f8f0c7172dcc54ab87eb616eca14258307b4d

          SHA512

          d3f071c0a0aa7f2d3b8e584c67d4a1adf1a9a99595cffc204bf43b99f5b19c4b98cec8b31e65a46c01509fc7af8787bd7839299a683d028e388fdc4ded678cb3

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X761FPIN\recaptcha__en[1].js
          Filesize

          537KB

          MD5

          70306d36ce9dbcbd8e5d1c9913a5210f

          SHA1

          04949ad636f8cd09bf91059bc4aaf1973c92a15f

          SHA256

          1425b3dc4e809e5488aae10e2eb2511f652c6a9c3845c98c3fe69f07fe0c9e2b

          SHA512

          a7f00ba83fee80e7f2006c9e1f0121e2e515f4956182924e67c95a8c5522f30735f7bf4a6f7dcf3cbd29a685e967b1c4ddfd72d7f1f4cefbe55326becdacb275

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabBB46.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarD471.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2520-2-0x0000000000220000-0x0000000000221000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2520-0-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/2520-1-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/2520-50-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download