Overview

overview

3

Static

static

3

f67de8ba08...18.exe

windows7-x64

3

f67de8ba08...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 17:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f67de8ba0856bdb54c576357591f15c5_JaffaCakes118.exe

  • Size

    1008KB

  • MD5

    f67de8ba0856bdb54c576357591f15c5

  • SHA1

    394b07b1105b7a14ca84f01a1490d1ad65e2ea60

  • SHA256

    919316a80a0514c3de27cad074565a9aa6cc501d9257d9b5daab077ba3df0792

  • SHA512

    1cb58d59554b051e2b206f94b98ecc412037fc6a0369765c8aba38aefefb7eb838f5b19ec6dd62416d89260eb97263b30cfafb9a2e43fdb33ecbe15833fea76e

  • SSDEEP

    24576:ILWjO4Dob8RnGT/23JlZF3XnbXz6kqZG3q:IQDM8eOZ7NXn+V

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f67de8ba0856bdb54c576357591f15c5_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f67de8ba0856bdb54c576357591f15c5_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.uusq.net
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2836
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a809cad152c5b9da352c137b850b4b1

    SHA1

    41b1bd2d2e9f11c39523c7159561ca27b52991aa

    SHA256

    2bd3477e5173ead85631b3db25a2d4c98fe6af727ac0e5e0054670cdae11543f

    SHA512

    c2be10aa75c9d2fae8833fd2bf7334e998b622c6adaaaa105f922fa5d3770069a28cb0d17a5c224b94c1014f69b235039ebb3593d549973865fd24cb707b5e92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e5d58a3c936d22e741c9364d50ee403

    SHA1

    01f448b86c8bafb70198999828b375a7beb76b50

    SHA256

    64494a68d42466d4903d8a99085516bb01770503c2a490c2e61c4e9be1a3b2f5

    SHA512

    ae53cfb3425875cae876a56578d9668986f3559bae3e68218887174d7413822678e85b0d9b78f8f46e3bc6b551a3bd909b2818297b78d081d1778f915dfda56b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3d36f105410e6f91df5f6dde06904cc

    SHA1

    cb569d8e5d14925120557bbfa3e8663a2c26ea00

    SHA256

    25d13aa36e9aac05b94784a3e96934f479775b302c1e413f65848b714eb94c0d

    SHA512

    30ccaa4ddae6a4b3ca6e52298598fbe2767a52591d817a6cbc370b80370c701d11c6e460a7066a31703e3f29bac36023fd57ec3fe3e7d20f0d133019f16ab7e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9703a57a753d05198981c7053cbc651

    SHA1

    0b512ac05940d331b0af31dd4023cea9f4ef7a32

    SHA256

    3079f05e8859f454b0e53b91f2d8df9695f2e0753404d98083d18b892443a2c1

    SHA512

    ff18de554e31a9bb23d27fe3d6538b220aaaf3ab8db427261e77deeabbb5c290499225afed21fc13576ae56e887f4e815475f7c6fac7ae4c10a491ebb63507f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b783c28123a8b5666afb25958402dded

    SHA1

    29176aa059e9475d3c66a338da5404ace1615bde

    SHA256

    2b22eaccd408de3785cf705af8ba1b34e7d4f185049d2942d996f7d29fde20fa

    SHA512

    cfc41ac478fa04508d3be5685467425d76c9630470fa1ab4dbd266b8b59c4d155abc0eb0ca17797e7339528569a8de2bdd1ba14e625ab9ef3070f85847448536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2250305e22920fcdf48bca9e0183df87

    SHA1

    8e081b22477e3419fa696d6358611815e223410c

    SHA256

    caa98982b851e0fbd6171097bd95531b4f59d0cfc4e90f07674230e44aea9abe

    SHA512

    ebb57a5775aa5f90b0241a483c31f28e46afa7d20e3f84ae7cd9acceeaf06e23262314176c0d2f66685543bf68cd0d13dfbf197b8be51b6bc7884aad745967bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7d2af801c9dd4e5ef412dedbe85ffcb

    SHA1

    bcdc0487f7647e139c89409b124de1226fa424be

    SHA256

    b2679e34387bf2ce36779e78258cdde73b94770599e95faefe8f397d0eb08527

    SHA512

    3175267cbbb0e63f24ef6bc89f95a0d1a1ec4dc05b474a5d8f4c4d1b2d21ef5154859f4cfa15361d0f734d08c8b4711830376c48584c05244b0c3ee1070de740

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5e935688d5aa85ef7c33c569e659852

    SHA1

    d41989c23463441d836448a9381821da2bb17e0c

    SHA256

    100999cc69ab20415ff3163cfbad40c3d3bacf06952f12064ea572bd0813bb60

    SHA512

    3fa12a21458aa25d7aace3f3422b8f70144c32993ca1d1a89fe350421f2f821139167286ab572329ffb5679ad7b4b48101ec8ffc0fc7fc302413bbd755c8217d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a095dc3c2eaaab1ff36880e2d14af26b

    SHA1

    68d71eae61f2805157f4f6d8ef064d96371a9470

    SHA256

    277f4e39d575a59979012a11cf72f78dbf5b448591b5bc4b7cf986f0e2f074b3

    SHA512

    2e12048405dca5e419e6f750b02aae9ff17c2e45daed308c89de9fdde24c068a1319fb9c701151c5f65e052d47401db7493a32293c8af4e54aba21759216cd98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aba1e3bb67c20a0bb3a5ca392bdee76

    SHA1

    dbf77b2d3ad2a3c61c3d1802dca24cf5baab4be1

    SHA256

    71de836b62a6a8efe438c432922c9b1d4739e74a777815f5a0c18de6614b4d00

    SHA512

    0cf2eeabc0fd3a714f9cb6afa24f696d78d8b7f94d1aef0bd9aaf5f87d11fd82418bf1bc9444bec084582b0de7f82e4c5789d4ad11f3404408a971cf7b72244b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f322c737ed6cf742087c318e51f92c16

    SHA1

    f6d584ac2b54a8f4d2aed6d77143755f15a7307d

    SHA256

    52c37bf3eb7c32f424302ed7ecdca743ca9b021004385e30e9e47d7708069487

    SHA512

    3488f35e4d9dd843d27a265832b68c5abd5c0fdeecb6b3bf17f7eaf8c7e8f1e8d564bc4bf04be06adf1963ef1305b8798c95d11cab6faada01e74fa9501bc080

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d12ec606b340c77ef1a8274906e434e

    SHA1

    18871d87495fc78f607c79678ab3a544098262c6

    SHA256

    93d4686484fb10e59cdf03b24da69355ce066af2a8dbbb9b4c72b506efc697f9

    SHA512

    0d82f9f48cdac4ab899eb8bd5e6c8f0459a17803a1be8ac09b81297e840099cdddbaa404b3904070a6b5924b360eb68c6265153b75231ab7cfd8f16273599e38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14fcb54cc35be2f1e9185f32dfaf2a93

    SHA1

    6c47808dc1e4bdf8f7d8539ba9bfc5cb37b601e9

    SHA256

    9cc4e00a96f9b0db8b800eb31984973b400735160a70f3f783c6e1fb788fe0d1

    SHA512

    bb981ee071f66f9d4fee742c0e1b45a85d3709fe87aabbf1e2ccdbaf4e8941aea3c6a10857d394eee51a4c90d00346673fc6dae3fffb5973076db06e2a6f41dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cb2e2c90f6df3cf7eedf62f9219b4a7

    SHA1

    824b8255b1ecc6be3e6fd535c1badb0d793d9784

    SHA256

    192db9bd959f6bbc8bbc7bf2ac0a9fefb0a4de463a63599e586c83fb5e4a05e0

    SHA512

    cbd07763600168f35220de46c70b686c6d7ba052d05c80e504321b9e7915149f3694640e07299c80b193620a445467b0def48e8b472be60286cce3ab5cfee9c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4ebf9f8e9252fd15cc027915560f3f0

    SHA1

    df9cb27e44428e28e44db7875b263b0c536cd0be

    SHA256

    1208c78b3ed8f42f642b26d6ec2065791a6323fb89825a17e2fb51347f60bf6f

    SHA512

    6e49acc4a424e63c07492f81dd84dfa352e1738e076726d6ed673785ac77cd2991aacb714fb7c67f5281cf24d73c91890cd0a6e70bdf4d9942d09b0b7309af20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    377cdcf42dd90c92c29372816bff14c2

    SHA1

    8ed4b859897e038c5cbda1168c8e76897dfdbc49

    SHA256

    cd1e9dc3b6f31b724d6d8469f6c989d8d6ad135a469b383b223685edad6b390a

    SHA512

    e93c397db413c7ea2232cb2eeaf50dbce189638445074cf92f3b2925b5bdf1f3f1c498b8f543256fa3973ce0f3ebaccb9dbc0ccb51a946aa05062c035996804b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c03243387f2f2ce49908764ffc7bf75a

    SHA1

    25304c4d2cd4d923b98f932ea4e0268b71104898

    SHA256

    ed7663d0bd80242065d9b7ac43e207eb30aa3673fa28ca3c17f1e34564e5fece

    SHA512

    e7e2e5e6eb1bf801767d77a7948b96b88234ef3d8a4ec8d8855796ebbd221d5d222be19c1bf8e7f36a7d30c795fdf7068a055386693ba02209ac6d815b65a976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac0ef6f040d397b6fb9d5a6c61558013

    SHA1

    a67731161b72f34abce5b808caeb6b42819aaf29

    SHA256

    acb26bf58ee080d5d2172fd7713ab5ef58382c6c3f91cc84ce845b989cc22e73

    SHA512

    7f4d942d45c958d74c98932508783025dda66c9082049027e59890f301f3a9f22f3a0f4a7ebc79d4743cd6da21fbd8dcce74e22b080e3db2ebe8873b0dd903dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b709256b9737f2a95ef939d681190e0a

    SHA1

    0f4942f026f43f6260b87f4afb5a14fe1a7e20ec

    SHA256

    dc01be89aebbc092d7c6bf7bc75d416353e81a1e49753f163b39376d8805c68d

    SHA512

    5cf47648b498a42fc320c9c81b194d002d1791f549364caacfcb24a51b0ce7dfa26bd0aa3869a003319ae5fabf073a28f4539e8a96c01993db2716fcd3edf5f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab20AD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2110.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\LRN69QGF.txt
    Filesize

    96B

    MD5

    1ec265c40c1f80bab904019ffe81b7ec

    SHA1

    5146cd230acfcb98aa69ac08333e1b86ba933c80

    SHA256

    658a32702586fd4a17817b73c9b4b71413dbc0f1ba8d669720a3afce19398754

    SHA512

    360d387af37c35f69128643717d39c64602399b97ef45a6b434dc3022b55bf2a8f94b60252f21b92f3d63b72e9ee8f1e13ecefad657b7f7aaa74318301642539

    Download Submit