Overview

overview

3

Static

static

3

beb7529c27...18.exe

windows7-x64

3

beb7529c27...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    beb7529c273525ecc952f2ee0153102d_JaffaCakes118.exe

  • Size

    33KB

  • MD5

    beb7529c273525ecc952f2ee0153102d

  • SHA1

    50de60a96e43f82fb96ab0f97672c3ff74e6c372

  • SHA256

    4560b3a888eb1e48f673a849552de3a07e9d62da3477609dc0b829ccd0c8796e

  • SHA512

    7a9ce1c19ad980a58d0f0ca0260d3485cb32ef29b82de1f9f1a60d51494d23262cf7f1a459cea61aa0c63b82a5bb8f8cba32f70f86ea5be9b1bf7d68e801bc3c

  • SSDEEP

    768:a+VbCdFlKf7KIlPLG/4DM0A0Xkcv3USiKbHxDvN7mwCZDJ8jq1Fm:a+VbCdFguI1GOrA0XkcrVbx57OZDUYm

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\beb7529c273525ecc952f2ee0153102d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\beb7529c273525ecc952f2ee0153102d_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://paginas.terra.com.br/arte/webcards/visualizar/card.htm
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1996
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1996 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2792

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23b2e10db205c8e3f3e96c57258dd318

    SHA1

    5f6ec6d43d6b8009fe99c586ade11a2fedb8fd0b

    SHA256

    cb3ad15a38ae78a74a21b3f4d2e07723fc7acde44ce176e2a170892af342860e

    SHA512

    085ca2d0d23c1e04adfbf45faf8c651e22dd201fd361ee16292c020124a3e05c3235365958e67404eb287cece9dcc5f1c2d5b377d8e728fb4582402bba6869e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    153e5af3cc4fdda3fb0876ab27517da9

    SHA1

    c3a9c0c0ee0b3eed043fe7b401fea3081462f690

    SHA256

    bda469331e66ad00e85bdcbc1d9c7a7ea0312792e1fd6186afaa3c0533f85658

    SHA512

    1e1af62152a3885c88fe1cda822fd9764a264815cf6a680d50ed66472c9a44753e3c1fbdcb2e65a01cf387a7d224f5519b82206f987d8e0c0dfebef3b9b360f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4828bd30e455e519dd961c41dd3e1940

    SHA1

    c5e5f00f0a11657b3ef2ffdf1c115ad52f3422e3

    SHA256

    df7cc05b2a4069a8a1a0c092be82d25fe048c7f2ea5dd30eeb3caa3fb22ae2be

    SHA512

    8ee50ea7bd614494529113745429c7e2385b9fdbffe4078609d36cc8d65f1cd94a11eaab32ff161fb9f34b9e468ce3765e27d195eb954db4db5dc5db1bf23e2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fea90d9bfee79539c29d186f500b1d6d

    SHA1

    6bbf90297418e5affdb67d7e3bc9521ea6115423

    SHA256

    8fff2d4c3f8f11f787aa71832484d3c10d49b1837f42c4153e07cf8e82ea349f

    SHA512

    557ec1b62c9f4a91bc57ae8a4a327bfada46758bc2b5097717d0ba49113ebaf68d53ed42cded1e343ac12a0825a0815a4299ca77afe1cacc0d72b97fcbae902b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    979a9e5bd773d867773d452670813803

    SHA1

    9ba7e29f1cba2cd838d7257cfd8557739849b1dc

    SHA256

    9ee4a20cf003a057f59b259f54f4a3781833a92fe27237a8d8616fcce69661df

    SHA512

    5a220f770ebf16843467d93fa73ab0aa59b1782f0b76d2e07fadc792ef2f8c51ec7e0f42010860439e28e23e06b47dd3151902eecfce47af08ffa994b3e91768

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19248dfd954e3ba7ac394255d48673da

    SHA1

    7d4fa668ae4eab60db0f50bee408b6e488672c3b

    SHA256

    81c3651fb30cf5690f810f272dda36ac61a07513e28317934f5a8a5ee4716cb7

    SHA512

    a5a67448287fc66760f501491e1af22a5a99980b3e29c7a1ea0db7b390521c27a09e66331b6283767703bd34a3e0c6a147d9c9f161f110f1ceaeb7e0ae292787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f191251e10bdf169c519ab96b480f2a1

    SHA1

    53fce68c35a80a6559021e340d30bee2071fb46c

    SHA256

    4e5aeb9a520216f2a8067cf6e0be87c6077338deb6f400b07ce6e69d1cb31848

    SHA512

    05ab6b85bbeeae6758185bd6de4b0c7555c65861859502da4fd57d7e202649cbd06602fd189dc4b90c7150f475225074044e351fd7b8ffdadf74d5bb8f52dcc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c80b524facedd571d1cf0d746242def

    SHA1

    4528979497fcb7b686e360c96235a202b0836068

    SHA256

    283eb131a4be0951a3f396d2025d9b3eccad608026d5b292d16fed63e6008726

    SHA512

    4db19803ba8e0f65a003b9a36cca734e57fbb7e4d98370b28204c399abde49b6f3de4061ff2be624423876c13e48b3173e8e31314019193c24ac8f09c88c2655

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4d5dce7b383df89773ad5d2e7f5e50a

    SHA1

    866889b9620a9f869222ad9bb02291a0f21feb5c

    SHA256

    72f4500748a94c6b2d7ba1d0e33ad8046a29ae246a7cd255961be2aff769ed62

    SHA512

    f41fea7d881c2087851ccca15ef81e82aa1fd564618ef1ac992f73d01e6dad2858043bdec88c4bb82cdb181d6e0a2c97ee16a3ac337249e0b3c07f7d8037ee8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8397e41683d86ac144268b64190ee6fe

    SHA1

    5a9974ebd1f26e4ad44fb971436e665ab2da5e0d

    SHA256

    f4ba663a0770d553ce87673042902047fabe5df2febf2b994d9f9554089f8826

    SHA512

    e617e82adf561fae6cae8da4b34ae5c0f2ae84ae83453565d8ca8a0b6745cbc5e6d42e2abaa79b91ab0a25a3676ce689bdc456eff6ff8e55b95af4c757ce72a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e06dd31ba4a709e9192bdc7c33e738b

    SHA1

    1a39dfe316cff69b05a5259d84e31921f598f341

    SHA256

    13f2a49fa628abb3fc82f6964e2f763266a61b6a23d981ccf14c806d3e91f370

    SHA512

    3e4c2efbb594ab2f016beae26f638d3c08dfc8f282ea25ad58de0324b2d3c7abd003d956448a6c5cc63218557daae637d5cd594bf6672e1cde2deb77e03f8e4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53ecc1970b7af2db6c658071d3185354

    SHA1

    209ef2ecd5867088e606637c1eedfad5447238ad

    SHA256

    0884b71ca3af095a2782ea3274c7900a2f381549931937ad3956d11c6f3a749f

    SHA512

    eb2683f4eca9a124c4e64eda4b9cefa58eb972af09e68cace387a9601ef3fe3a24cdb07aafe63ec6f049ea28f570e4c94f7f8ca45ff0d8064dbcbf630061dd10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8e25c16337fc76431e6393bec8c2ae5

    SHA1

    23edadb756b65c158ea5a1211a81bba1c77c8b9a

    SHA256

    bc9f997c6320266ca762efb7b9f69a76a32e5c3eb5bacf5d87f615b5cf653a78

    SHA512

    a578fd4c8fb6a58028183ef43c190c788db5f5e4c772b5b251ba974ae1b995c0ed1d2812311e81dfa475f2b53f1595ed62434551372aae53af10c1cec0162ef1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ed627a905fc356543c875a2500091cf

    SHA1

    618f864d963b08f52b4ce73737717c84f4d7b3f0

    SHA256

    2a2811dbe91cc80494c795a2e7b350dbd7863d55c636ef99f1c44f5fa7431550

    SHA512

    f33e107a7f18d1de5bc6fa6a181f907195e799f87faec5864c389dbc8e59023cafdc017016225b9515d0ff2ecf9d698217289284a5f1c3f954eb1141220667c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65d9a3ace104e3179650d8bffc25d3ee

    SHA1

    2dfc6b81ccd042c348fe61966c04d812d1ac5fe9

    SHA256

    c6b030a8a85a902c8c9dfaa9181fce9b2394a4bb8f7403d91e11f03ce55c7429

    SHA512

    0b13164071c9a79d25dc9996846ebf8cf1bd0e2af6e5a6b4d48afd6430f23404654e7806a5e5ebe37f7aab9aaf178ed28858c743a476934b2257a5d8e6c34784

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42383cc0640cf087c0acdcbc24cc0b5e

    SHA1

    85f14d59286c45a41d7292a0771054268c6ef468

    SHA256

    385d5b99226c55e5b5f3745943ef8e405476c087cc653ea7829c7cc3a6970ec7

    SHA512

    4d9085932dfb37c4cf1d64586c54c20a3cd954433a9db7ab5081ad63d243bea488ea877a9b61a46932ff2fd99df10e1c59038732aed068d7eee00a823baf9e6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f3065449892badcac3786e09b9014d5

    SHA1

    ecd455e07b8eb876918f6e4abaa81c39b566f068

    SHA256

    eaf721b206568175ace8a350741535c01738ed17863e64ea94b6e06280725b7b

    SHA512

    1cc110044936da951d55f74b695ba2af5e196d0ef7c0fdf54f45ed8a63689c907fd3b1757ea5114b31f28baa1a5b158fe616910e027ed9c6e031bd5d8c2e56a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ef9b8bd2f2c5ad1997c66bedc427319

    SHA1

    b1396d3e461a0b155e5024d47b3937c902649365

    SHA256

    d4366ff48d00a9016355e432edf5dbbf5a86b4502780a35355ec14e5d8d69f0f

    SHA512

    6f41e2fb05a3db1380554dc258c5c372c9021864e7c1611f853cd72c6b6c0be278818e116a4a455bf1088f82589d2f872f3cbb326d3233078c668eb8c9fd9582

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0c31cebe199f3ca127d18dc8495d2d0

    SHA1

    78d8c27c13388818d24872caf0e291f40860a0cf

    SHA256

    6fbbe7e83b005a07cb0ad98d9fa0ecd158ee9419f4cff9e99948cecfe4a26147

    SHA512

    d132520b8e45b1843ddabe91be20e1f4686fa1773d2ac12255088d85301bc3216a9c4f0798245f905f9fe4d82e0e7a6f1dfec0f709f33b9d7fa4c94edee5f1a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCBF9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCCA8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2116-332-0x0000000000220000-0x0000000000234000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2116-1-0x0000000000220000-0x0000000000234000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2116-0-0x0000000000400000-0x0000000000412000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2116-10-0x0000000000400000-0x0000000000412000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2116-444-0x0000000000400000-0x0000000000412000-memory.dmp

    Filesize

    72KB

    Download