Overview

overview

3

Static

static

3

e181785b28...18.exe

windows7-x64

3

e181785b28...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15-09-2024 02:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e181785b2897d04c9d95a7fd68b61f6e_JaffaCakes118.exe

  • Size

    28KB

  • MD5

    e181785b2897d04c9d95a7fd68b61f6e

  • SHA1

    5fbfdc06c78b6a2c0df4071bf5a0ca03d24e799f

  • SHA256

    1e2e592132bcc1e069eadc24afd4de3e9b4c660d15e1fbe1e23e3549f1592539

  • SHA512

    d60996d19c9e375ec9311bd18cfff601a0781a5d1eeb189b898a89fbe4418865294fc98bf23fab5c5ece5c4e13dfb2aaf87d2b73d87047ae16238c6d8c202628

  • SSDEEP

    192:N4uYJXFQuAPl6qumdnv82D80ZnH6SOJnLDO6hr0D9S+bXs:NtAFwPpumdnv82lZHZOJnLN0D9SgXs

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e181785b2897d04c9d95a7fd68b61f6e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e181785b2897d04c9d95a7fd68b61f6e_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Windows\SysWOW64\explorer.exe
      explorer.exe http://www.sonico.com/
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2824
  • C:\Windows\explorer.exe
    C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.sonico.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2788
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2788 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b57d34ea2c07c26c77dc638a38fbabf8

    SHA1

    bd3866498820c83f28adb2a4f770a886955dd2d0

    SHA256

    5d88fac744d55f6951ea9858e5874a7686a4dbf1af0db4782663a732826e88ce

    SHA512

    a5134f1862e7d7089237fc27ea830a2e0e0696cd64a5876c3f81185fad9344384340f7b6e2eb77c4bae41266cd23374aff28f92ab3ab5624ca536fd647db5582

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75d796b09092ca54066ed2f45418515f

    SHA1

    5664057f9744cad247548e7b83c7e5c0e432f101

    SHA256

    230b1cc3f4b152c66c01f4c1a1837ace17f4ebfd19582ae6971cec5930c7061b

    SHA512

    ce8f860b5aea155fbaaacd64cf1d4ad8d2e979460f501e6dd8554f2a77ace57bacc02671979c7d51840171c8c76184f01bff8ba2cd112c33a1e02682ab1f6126

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28a19d189ac40ed6a2278d8f52a58f01

    SHA1

    1ba971ea3c0a15fc58dbf3be3ea0337cc3d23b69

    SHA256

    98e1fb23acd1c621ba3b0dbb0ec9dca3bf9765640a1058b82334ea96b9ad0e5c

    SHA512

    86d384a72354193a4a327e768bf87c06b35f70e663f99c6a5adb2021c5590c0077c782899aed8f6f1853a43718469dea6e5a7fa26566734a79e2158bd44cd671

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e645790371c54833ac67c4a3b897a824

    SHA1

    e68ee3d0d565d5e435a218c01b492add53b78697

    SHA256

    9edbec8a62df7fcb517bcadc26ef9a5dd1069ec27531bed398424725a8d10d02

    SHA512

    a7e5337a70798ab46b4c794a53c00085472a2fa10322fe22eeda497d6b03508f0fa747dc0ea40c35dad17000dfab0e7d42fb2a49bba7bd998d1f12b81b4cbfc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a6d5401563efe991ec2e0b7fbae6fe6

    SHA1

    cd9aa77eb0155d0f3ce2dd56328a10cf2bfc1958

    SHA256

    368fdff71a3fb6c68e2d81fcffeca5d8adf9704070bd024adff29042d2430860

    SHA512

    b7cd889c427016bfc600ab8644b918f582c7249600c4d29284181ec7070c9750e1e22f94622f731b4a76d0d8f34b01172498226b4340ce300238a4f1443389e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c80f10447558b871c30321ea74a52111

    SHA1

    dcc8c68be1f324208a95cdef787622fb61670d33

    SHA256

    4e4c751a11da7352e9ac05f48eda501f4b2475677f6f0cc43e4d0c4511045388

    SHA512

    489afcbb2bde1851b2bede62313d60b49c3f3f36a650ec7c1bd2f2dc18535e2dac99ef73ed7491551041dc2c69e56a76f0647c8a3b3b02a2bbbaba9768449e47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    567552a4372bc1707cbe23cf8d15ddf4

    SHA1

    f954ef4f163cc36913802086c16385d55e08b85f

    SHA256

    355fd663d08e8f68846efa19d1632ab9c7645137fe63b068a6e71ca84166d9a7

    SHA512

    dc6eb3f0aa146f3f20b6162995b1c4a6599d4f9207782dd73c0db0d48dd49eec3fe51b9fd452ee9bd74ec9af4e2a161c654995baea18f924caee8462546e289d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ccfd71f4a482e457650465c9db9a24f

    SHA1

    7cd58a434decd9db5cda9fc3b31fcd4805148635

    SHA256

    7034f583ae1e3ee32fdffaafb0888038066b03aac5802671c9b56f79c0dabcf1

    SHA512

    afd054898329a9c0b28daaf9222b80b42cfbeabeea7ce3ea0932642e1083845cdd0013ba6aae7ca1652b49c4b65f920db7b71b3c24aa2527656b0490ee0459d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57eeac0db4f3256463a3b502916890cd

    SHA1

    094a34cde62abc858a016ef7fca0fd13ab518105

    SHA256

    026b329185bca50c98f107237ed2c7a8311e87ce3a7eb89074f062fdabbc13df

    SHA512

    73e5d431f1b311949c3f4165a1d43437fdc678de561ec4101ba495ea53228c36b04a14db41b984bad86b87411e4641275a89825c3782651c24e7a5ed5388abc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad4382fc88633f9c4b483d5d244a5265

    SHA1

    8bcd884f9f3be400ea0ec7d3fbf0e2ea0a384088

    SHA256

    933517a987d273c6e751fbadd78785c47cf33568c22744fadab115584e90a60d

    SHA512

    9b21f0521beaaa17a2ae98ef11b5f90f8c30dbf39c513bd4cef38103289fbebfe839d3246cfd8424fea8410bba8deaacb6572a7a7194011a150a27fd4196b1bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    891a7bd12bc1414237089fad93e59922

    SHA1

    86ceacf0b76a0ec2c143df40d138d94ce73e168d

    SHA256

    bd5a33b762f16bef097e5d0c2b79abda3467d3781e885ecf35d6fd1e55abf843

    SHA512

    f6e0db0eab7d26a778a1db22e7788efa62ba6acce23ac897e89f12a134e28c3b801e111278c9726afe425392ca96534675b104d1b9696333b01484203ba4fc41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4de5a1ee90c501ff18a6a5b6873a9437

    SHA1

    f18677ef609f5585d3521601406c995a01102dc5

    SHA256

    0e587dfa2aa62cc66d273c1e37cda229a980005fc4093c189fc742bd7b354fdb

    SHA512

    fc2d2d534feea593e7d5f943ce0ed37d76e0cbe075f9dfec75dfaf162a957c220950e75226a8800316f634a3ff888cb0b087bfe06e0cc81e746b0380f6b0ba6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99c3004c16aa473052f6d2283a159974

    SHA1

    b5fbae24b4dc20b46cbdd97bd8b2745c1b902dcf

    SHA256

    3908fceeba146a3ec2b10f12f41ebaa449890feae9fb81ae45292821ec044c8e

    SHA512

    6325f573958dec926707f02c8a00ebeac344226cf9840e7b5d321244b54ea1072dd72a6a000e995e674aba68659585487eae4f718366dd1da615435c39152004

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07d00dff883930f4a268d78d196be372

    SHA1

    ff89bbb470220f2b24a014be04f32b0d85198af5

    SHA256

    b0bba6bd1a57548499bbf814e4bc3cb47ffae9f273af6ef45c761ea4a6ec52c9

    SHA512

    bfc9e2b2aec29922d52a6652633b236cc89788e167962f37f1f306542d692354bc691f4ce6d853f73af0788658e43bd94dbfd14d7e17f78cbe5f24cff5e6d5f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    019a7ebe143fdea298a242febf4cb09d

    SHA1

    b182b93f9223eaeb108093fa7fd09bf6cde971b2

    SHA256

    57e62db9a251d2d2635238f6bfa473c440e94fe01a59d30f5984999e64042920

    SHA512

    6b71a5d5625dbea01529c1a2c117beff0ec1f0c843308f639bab2e71b80a3ad67e535403e1c9a76265ad00a28c7a43cab3bf5d819ccde1241b1cb7439b942174

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be5b2db6016e7dc24027beed1d372212

    SHA1

    7b0493ecca9ef91ff0f01217b8d630ee6186896e

    SHA256

    30db6f9c9b2f91725f1d039ec6514fad63d956ed451b773bf5a2777859c570df

    SHA512

    1a86ff81b0aefb99789d5ccf9b789d153c3dd51d6debaa8e361feddde8250185adc322d534597f86aa70a99ee3eba6c6630e5dfe21974192b85dfc825d5bffb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d270ebcc65ca6347a7953c814fdb2391

    SHA1

    f301162acee0f7769e4fedab0d60ea5ae5b2e4cc

    SHA256

    0a4cce30ff49e3b6995377b3317914e07df3dabaf994be737756dc9b13f58a20

    SHA512

    36b329c6adcdd7b40129e28ad42dad762ee68f0b756122e0e12005b606744e8e3169b7ebdaf386a9624afff43c78cab383b21f74957516272daf9b7c61fa6334

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43ffb22f0b15625266a3b2ffe179909f

    SHA1

    d87a7572efeab57d8ec6e5a36e8eed15bfce977d

    SHA256

    855796e1a0696c9e1a672ca95e69f5a6fbda7fa6d054cc5b7487d629ec0c3a1b

    SHA512

    2286d6b6516ee2bff124b11dd98a268639290f83b0fddd9bac3f6d4b9bae0d4692c23991d8e3d133e23558007e8c0fdd1de33513eec73a35b0cfce855db72e73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51e98b12c719797cd81b67bf6b5b7273

    SHA1

    83f2fef34ba3f6c205cc43e21a2da020023055bf

    SHA256

    f22abc47a51aad11a3eee673ca2011d54e7415a6bf9461f7bb720aae6e3f7807

    SHA512

    7f062cd335e8951d92446fbfb34af2897f6b3db0d30a89b0bd4cd1dc72eb85c8b8347dca7a069623d8abe0e87cf37f4c857d9534e86ac20b8a8e8c79ecf2b195

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB78D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB84D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit