Overview

overview

3

Static

static

3

c1de5afec9...18.dll

windows7-x64

3

c1de5afec9...18.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2024, 00:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c1de5afec9ffb9d0d387696603b28b63_JaffaCakes118.dll

  • Size

    84KB

  • MD5

    c1de5afec9ffb9d0d387696603b28b63

  • SHA1

    8f0da17b842baf9837a86d0a6b4ca389bda867e4

  • SHA256

    b509dbc9a2be42c2dc3350ab03348a94357573d185551267ffe34a6d87a78b5b

  • SHA512

    f1081c4487e7550ea9e60bb3c8296dfd35be19d240b66e319f586fd1ce1b03e6b27f5769a18a1b9119a36f4045ee19104816229829a88b5945cd3060f2c5eb62

  • SSDEEP

    768:35q3OPSx79m29dVcOzpRlitwXK+6PUZJGmRXk:35qePSxBhdVcOKwXKcuwXk

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Modifies registry class 8 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\c1de5afec9ffb9d0d387696603b28b63_JaffaCakes118.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2348
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\c1de5afec9ffb9d0d387696603b28b63_JaffaCakes118.dll
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Modifies registry class
      PID:2228
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2680 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0a7c04135b4f788d2242dbc0a11a95b3

          SHA1

          26b5a1eeb464fcc86a0b396c9f94f43b261c0138

          SHA256

          7c35c6bd5fed51278dff9d25eabcc94387012bfca8748bc5e6b0925510a92d09

          SHA512

          f9671ce6f02fe98f6bf1f9cc70045903ab40f507a6c36f273c39b1dfaf81afa932a94bdd4c33987168a1502bc272f4542b6e101fbc6f4f4e378c966f839f48cd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5d20981f1e8e717561f0cf323306201f

          SHA1

          68c9a79386c6e1d7fc37ffe74b89e091f9d7ee3d

          SHA256

          11e4c487f3fe1a15b74b31c38843965a019caae742d19953da13c29fff3fba16

          SHA512

          697954b7e73099920845028c6ec763edf9b18cad3f49558555e5c5531474c4192be75002a83e49a2ba4670469da1a55968277b826e77d75c371f5d357b65152b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1105df1fad812c471de3e8c22d48e7ed

          SHA1

          bbdffd9a2e723fc20c73fe189b0f0bf567fe0145

          SHA256

          9d797778021a2b83daa254ee5bc94f4f84d73cb9f56f26010a0acdcd0ecf2f0b

          SHA512

          d9f5d0786b6aef8104091b56c418443b584061e37660d606032a4523d6cad73910e5c1ef34434b30a3c168999770c87474b55e557a3a0eec77e4caa6d643b56c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          08f55cfd04123b9d81a57d819b3d5de9

          SHA1

          976bb224da39a65af929cf0eb52701b38322f6bf

          SHA256

          6f7f02f58847a18f1973ed4d100e050a232f72303f9da1347113587508e04bf5

          SHA512

          eebb228261615298f78ff3a9ae50014ed2331fb70d491d30bdbc64161dff1e787ea2aa98edd8e5bfd404e77ef79fc291218757f2578628f02e0aca0cf82f4d67

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          237c14eb05ffcac3c3df5d92127b8292

          SHA1

          fb44dd13ae904cb6db963118e3cedf24956111c7

          SHA256

          0e87c576006669fbd21a8c0f11a0407ff73c586f44d16b3aeaff85853b10f164

          SHA512

          d8a6785d0969b88ad4cd6c6d0ccc7a722985b04bd07b52cd992c864ce369af4d50a5d2bc0f7c6d23932b728a468b064a3bd312952a5055cf68565d94ed4afa3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          65b87949610e15e3e265041874024afb

          SHA1

          350e1ce6b12320315f7b05e0fc94760ff45d966a

          SHA256

          1abaf067347097c13936601e88ceafd68257da4eb7a3b1e03b55797515ac3e9b

          SHA512

          91290b96ce219702527c3e97cc2ef362a92032d069b166e8ace18c2395187d90f07d84036ac28f56695df6cccb8e9ba18ee87d431c48159e9ee1bd38a00e5413

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          629e5838d4fa5a1b347a28fd8172c36c

          SHA1

          2792e1647944fafd8a31e2624b9e3b359765a9db

          SHA256

          9d72e947cd38da1ec2eb08cf5f2685c0079e781b3f7b508fa521ab2dca2e562b

          SHA512

          13a4579a45ea30c570c85103c3f1d866a29f44f31b467b487295475bce021ab2e5e77a4d0129ed0236b553809632416c6edcd9569960920bd7c3f11500fdab22

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a8a44424493370c7856009ff81067396

          SHA1

          eaf28ef26b3f0a85f95aac8f5362284a9cd292dc

          SHA256

          a6f2bb79fb15634424a5027f6ee3b02936030f898be934070b84bb5d56454943

          SHA512

          5f09201ce29694b859079d3716b3f7e38a213ee13417361fc2f28e8a78eaa51d1340bc74cadb9a39a932e4f37596f41e34ac3317a03ac3254570f800ce851801

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          82cd5547d786dbbb59109eea097befda

          SHA1

          ce6b42310dfc63a6719099c2f16f8c99dfacf35f

          SHA256

          d680efb6313a59215ca226628c21f378337b4ed462c829d74f43bb147b18cfea

          SHA512

          d348478eef7e87de0919da8fad48de2eb3ebd27d6c0f0abcdfd5af02c071d5ff89d79c65e7cfff3d13609e602aba44b74a4e469d00a2543d1fd74e3754647502

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c406ee27161787ee2a86b26c3ffefa2b

          SHA1

          ef7b7be913766dcb4c7335103c70239cd94ff6ad

          SHA256

          a7b3d25a44aaf873d8acd96975095b97d87865177bc0d0e0fd0123928dc9e133

          SHA512

          154fdb3411359baafa9cda34afc6063b04ab1a54dc4fc1b5432f878fea2ee5c092c5267eed42a8866dabb26bfb238a300c67a93d0096964ebc32cda967b985c0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ed330d6740f68b986589b6fb68a50a67

          SHA1

          5a4d12805a1a9f986a3159d939f9fc4e0f75eef0

          SHA256

          a16e416f975235d6602ece0af23098a626cf906eaad6f3a134d1002ea793e466

          SHA512

          5543b00a3af67e795f9b583d794184051e3926af53e0a973ea252b7cbfa8a90ed2f5a5f4adb51859eecf7ada952747a80d297df286b1a574627a33e2bed0784b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          21b0c9eb7ff1114626808bd2fd316e75

          SHA1

          bc0a258f50d06d2a484398102be1a12f394e777d

          SHA256

          6350ff03d3126cc2cf6573f5568befeb5360110445ebce54d9dc975b344c9f3b

          SHA512

          40185df721dc9d279793477f28ce8507078930649a824fbead24b732f3ae9e7e50b52f5c2c719872b054b81f0f2248e03910306c4d971e3e97c28a8522fcbc87

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab18B0.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar1921.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2228-0-0x00000000001C0000-0x00000000001C2000-memory.dmp

          Filesize

          8KB

          Download