Overview

overview

5

Static

static

3

dbd0cc10a0...18.exe

windows7-x64

5

dbd0cc10a0...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12-09-2024 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dbd0cc10a007c1e178e0bb132718d8fb_JaffaCakes118.exe

  • Size

    681KB

  • MD5

    dbd0cc10a007c1e178e0bb132718d8fb

  • SHA1

    8b8210af1363f85d69bd880e6c10f3b3d328f866

  • SHA256

    fb17a49b9522a520c9d9f03f7da7e83d4c9e293b0eacac3a764ce7ae6afa90cc

  • SHA512

    f0f382355a075838c2bd7f7b8fe21172ee9103ab2d3937e9fda2c6e00c64cdbfd5034c7c78bd4838fac44feff63d39adfdbe60b2f6ac9840d89c04dcb6f23cda

  • SSDEEP

    12288:xadjcrciTsXOG/0cy0wP+0NjewrOt6vBvgYUDL+YQHJ2EOXe8:xaRcvCOG/0Mp6qwrOsvBF2CkV

Score
5/10
discovery

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dbd0cc10a007c1e178e0bb132718d8fb_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dbd0cc10a007c1e178e0bb132718d8fb_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" ¨Á
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2836
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72ca2b50ab6a6f5c205574b421cd6f31

    SHA1

    9eb67975f64ee0f1dc6ad61309b8dc4f1f00d8f5

    SHA256

    bd9927061da145969845fb36f3bd736b92c7f6a33768e08ee92e1ae8c1b6c138

    SHA512

    2c309c261766c0dab8cb980847d38c8cb618322c35d962dc5594a9eaf0568decd3664a5426bb23621fc621d9e52ec5ecb4e0de20c76f29688f3cadac92330995

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a81125fcf5270ff8b862645b8f0be5f

    SHA1

    b4619702f6a4fe9fceb261f72c66c3debd9d8bc4

    SHA256

    50472964c60d1487e692af7b89e9df4c2878399facf1a4bc0b6437d08290bed8

    SHA512

    fbd8c6f6dfdebe3046a7be4fafc62cfcecac824a7ef327f11b3cc98dbbd291a10d149b9f2bd41e08721681ef4b73523f7577f1cb2d9cd817d2f29e9d6fc1e0f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3902ca075b200076b33a7bc73f5a643d

    SHA1

    30fb472edda00ddd72dfb70ef81e155ddd0d3921

    SHA256

    369e96dc9e047248f12937973fd4245630bd41fa7da9057551cc075d44d6938c

    SHA512

    abc199264bd4ec7e21b3ed6a03a0b189737916159b7e69c4a1f0fb9a5fa65a33255edc45860b42eac75a441543d3099e5adbf4d0e95e65e5a5a86ece275c3401

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1ed9998aaba37171b867aafc88e8e71

    SHA1

    91a22cef6cf190a48b5736b1fdc254b3eb178f7f

    SHA256

    1ebc10d2675a1a010e86a58f7682fe87e4762a904e00cbed295124a70ab24fe6

    SHA512

    02591931a9dbe9c8ef24646c806de77545bb89380af4717748dc1272ba675eabd712c1f7fb3b871fcb861d6fcca118cc34c5c53d26f2801444dcdd35e871a1d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a30d0f380f9d36f2b2ad68c2afdf2423

    SHA1

    2fe272be7e165b670e6023d963967215eba3b843

    SHA256

    461640de79dfcb60bd206d759dec6746e767b2c9461fb212f645eb18250232e0

    SHA512

    aad49449f37b175fe345b3618088b720f0d7377d86421e714fa2967127c7c0861ef9c0dd143b1baf8f7f24d1df60f766dd60a6803e356c9bcee56d16b7f2d12b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    645200fbdcc35a2b789117e46f2d51e6

    SHA1

    c10d50e75d0ef0c97b3256f4233176454d183f32

    SHA256

    aaa94cc7cefc09e6c0696131b7e5ef99a1d50bbf4fe30827005930e28789f8f7

    SHA512

    2c8aff7b010f633fecf5b95ed139eb9a2910981911b54c55a5d7bd074601543b0d73395c8e301aa57ec5dc9c673d64b00eba3531a55f8d367c90e1ad75363d5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a43c5b2a0f23f69588419607986a3c62

    SHA1

    68fc9984da10f6f369aa1d1afe3ca10cd4105ad0

    SHA256

    cb2286136b717ab9b9bd1608e17e39c35425d0714310c12a47dc6becaa8a2d27

    SHA512

    0a98a87f2de71a12b49f80c87da9dc7155812746b600097b63d98cede0c0198ec3de89680352ddac734239f5d2f8efcaa87cab778a901c3d0faf1749ec4768c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69cf4ab72537e92689bcddc95a6e07fd

    SHA1

    103ddcbb98fbb2910a64d557ae4203b3f267ded9

    SHA256

    76bd0b2d15426b2102d6805fd64e9480125ff1a03a9fa3d7563ad9b925bac445

    SHA512

    081576a0229912a47db61a1b0678c0af8af1285c10a1f5a19bcef8ea94a211ccd53018b3a9e5f8b81ab714081a197be1930cef196f432d8ed42f0bc902dbe27c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36da551a536de7d6eb15fe8d629eecf2

    SHA1

    110b8207dd02e685dd083d3816cc0a27708d1513

    SHA256

    1d09101b4d33c9df3f4ff626666b1908ac5ddb3ba0c6ce7f03fd5c92ef636b6f

    SHA512

    4bb1489bf6f235e1eca93f045a79eaa9d9a383f21505f4af5504090ca12b70fc5f8207cf4882f44904d7f129a4a568b7cc5e875a688a9c70afcec96a8eb5072d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94c99937989d61dd47763516f017fd1e

    SHA1

    b4144478fb772ac6b410ec4d0cadc5f5d0a789da

    SHA256

    544985ef1d9c0c64d1364b89f86cda93557948c9e32499523af27bf80c219efc

    SHA512

    768dd97f0fd62662fb354ae55327e0793b0cb8029b954595935266d52b1c66b344d617098071c48ae42ea4e7e6c84ac4111f0e6a6352d05eaed0887bc1167e5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d121726b40883d4c47ed3bfeccf9bac

    SHA1

    db67b69cea8e28995bad3dfe5e8821589ecfb2b1

    SHA256

    c9b786968d28258fed0c1f5f59fe94f0328f845bdf79d5b55ab973019409ba91

    SHA512

    f06cead21e19cc4bf4ac5c37d412878f06ab550cb10ee3db759c4694dfd99a945cbe7cb302d75e464f29e619cd3290c0914e342649cc25d8b1518b75bc044b1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f50a55184ce9f360a84ec3954714fd47

    SHA1

    2bcf1db9ac7e459678353e1fd674f567ccfc2669

    SHA256

    020baa7518bec8b0d9141e5319f6f049bb580212a1083c94d0798cd8281bcc60

    SHA512

    c1a54afde1104a57d7912fd31586a45b8c2e64d9b49ed7f0953c592701a6161d3fb3f5ad4aa7c2313ec1169ab7b25247a30c4ecb4de8ff7ba4971be7cbd1064e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40d896d286be32e06bd00236f626fcda

    SHA1

    214aa13bdeaf21e6b27b24120243200f2dc7f637

    SHA256

    acb9796ba9d74f1ca246121575a0981bedc429a6c1ebebea544f6be59c2820e8

    SHA512

    1fde9d62baaef5246d83152ad6c6c870bb592af5a08946b058e515f31f74d0bd7625d05b12fbd807bd17c494e69429df8639f7925dc45d3458487a31a620893d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c0b7bf88f13e129578506b5b645bde6

    SHA1

    fc999ebe8b38837e44ba5c73c642d49dbb9aaee0

    SHA256

    58c53de865c31e7f99203b6ec4669593715ad6f30a60624edafec83a2d215473

    SHA512

    9d6044da4d7587e6c1cf7054d28c3909d8dce7332d5cab79e61c924e81ffa3ced5dc8bfe8300a9ca2bb41505a7c23812bae4ebfb955e9ff68246fa36693c4260

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ad12afba2f8d8df702b1b641a446bbd

    SHA1

    64cc6ebc7d0abf8ca23139dd7dddfbffa1434c11

    SHA256

    ac0da24cbdc635d8ab4b234c2350881f9f9866ed607903a2909bc8e689001166

    SHA512

    c608ffe359538eb1495417c20430b7d5f47a18b2711de6159ce3ecb636db6018e66912944dc969b815dc1e6cfa0d5a9c2a6483f32c09f7fef22f3c0852a1bb98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1ebb0d8547a6de123b3b808f9c587f3

    SHA1

    54277f4db8bcf68e210ef0af0b7efc70067e4e8c

    SHA256

    be90c376af77d63da091a60577c3c7af51c388357f1d3d2da7a1f3ef311760e2

    SHA512

    236fdf82633c7d92a784e27e3aefa5921a42851f40b6105fa0706db8de436d11a78bd2594c9415f7f6b16fe7333b8f05e333ed19aa41bc416ff99f2856570422

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28932ca973599238d7d1d56765ea9f03

    SHA1

    4a490775c10302ee0c5ccb56ca451c130fd2f35d

    SHA256

    91f69377b335d7efa568d31634f2ad61dc1df08ec7ff5c52d6124d9b2b3b4e8a

    SHA512

    b3690b3a853eb020b18c5303866491ff45a2514ffdedf7f946771c1603a2bb77d2d643570bb5ae0a1bad0d9cc4c95f097d28a4f2c74f2174a3ba20070edbd37d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    492dd61a9ae80915c253739cf0903c37

    SHA1

    11834b12640e64131f180c1d68aebb01ab2d48b4

    SHA256

    fa32ad698b84f8a922f44fbc3f73739095ebc46b0b440894256dc988fb7d01de

    SHA512

    b14dcc306c8e02d9a618116d7e73fb2e1e464f9f05be19f21549df32225fc14b3ce272d7d92913d064a0845c9c83a2a5dcdcd6410ba97dbee1e3f4d2505b9ecb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70897abfd193cfcc7fe68aa1625df1ea

    SHA1

    1f6450b176e24c7dbb7b043188979b97fdd7a188

    SHA256

    79b82bd15a4f4970cb4e01e91cd9cce5a8689fb89084787351c209bf7374dd5a

    SHA512

    7d0a9a02c761966d97513d513f68d93b7fe7bbe01d737a55bdfff2cd144a89ed549b8cc2d4ba2596ebd9898c544982c1e3f016841c9251ef226433b052164888

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFB9F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFC4F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1740-3-0x0000000000400000-0x00000000004B0000-memory.dmp

    Filesize

    704KB

    Download

  • memory/1740-0-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2836-1-0x0000000000190000-0x0000000000240000-memory.dmp

    Filesize

    704KB

    Download