Overview

overview

3

Static

static

3

f6bdca574f...18.exe

windows7-x64

3

f6bdca574f...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 19:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f6bdca574f5c9b7e89838be0ecd5590e_JaffaCakes118.exe

  • Size

    756KB

  • MD5

    f6bdca574f5c9b7e89838be0ecd5590e

  • SHA1

    26091cfbb35d7bbae1e8da4ba34c1a7897f6cbd6

  • SHA256

    6191f08d4740985a89e8ae44300c9222a2a6d25d7960bd96f14060e09532ee08

  • SHA512

    65e00c43c319527a1217ebccf3bc5183898ab142823a180a09b7121bf59e6a8928f7c4ed788130bef3b5ba2a8ae79e285269809ab336aff1ff1ed84a337620b6

  • SSDEEP

    12288:jPWiTY3YVq5fgC19VZmqrC3TVj0HVhUmpR0rHtmM0IDZlm0JjE7sPowwvuShFbM+:jPZTY3YmfgqLryTuVimpar898zTBy3Uc

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f6bdca574f5c9b7e89838be0ecd5590e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f6bdca574f5c9b7e89838be0ecd5590e_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://frostwirefreedownload.net/download/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2892
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2892 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e51d18d2d66a3c82e2b562ebf293a49

    SHA1

    b14c72be7a6ddb9c727952b4be1e0ed7175e8c50

    SHA256

    9b2b10e30d08307246f46832c98b25756e7d2df2688d665b7f3eb2ee773965f1

    SHA512

    c1a9f3a78743ad4c49a532e481e703f66402268ddb06b48c9f9d5d8af9714c475ab942adfd855c260d0be42cb235fa10c59ceffc7b7fef91af031ea2ebdbcc2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ffb720adb949f0c9eb013464eef6cb1

    SHA1

    a61147b13e1e2e16cdd60894888a1b22418bde83

    SHA256

    6f2dee38d3137115d4acb723d4b49871613a14b15bc93266e1ada8dc85657b37

    SHA512

    dcfb9dfbc56f236e1d4c61214d267b442449d8d078987622ab34569073cd7b156f8303c311f4f4391b29202f65597407bb3785a138b21cb3903ee39153ea0076

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4a23e01fa9db45c8acb2f747dc8d652

    SHA1

    8e6400c123ac33706ab19cd5b173bb3114613e11

    SHA256

    2a27145b56c09552287cce8153605f4193011a2b8a239526fb53cb4307fc36d3

    SHA512

    9a7078172c166fe612a63f213e9bf42fb90f8e53f00658f47787160fcb1bb3609b93f3e5ea43f4f2e2acd7372289551aa59b19e44845e5b372c1ee761ac5792f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb8d1641b5254af99ba30ccbf5804eca

    SHA1

    4e5a92fc7b586e6ccb2e1dacd3d148017ddf6737

    SHA256

    876c42d1a6e2c44e1fee0409e4753ab4e9f9a4a0e07f687d85747da02d72e0ce

    SHA512

    079a0900bd799001f609b49fe48fa964721f1e53d030a53aaa0fdfa1932e9c05bf5637ea255a33ccf903cff922789ab3cd9f7e4fa3beea6bdfd308bc6feab50e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33dacdd8876f24ee5714295e96e013cf

    SHA1

    1446e2fd46529724a4dbba840ce319b8b41b25dd

    SHA256

    fa1a3f1cd3396835028539365b442601357acbe51fa322ee5fca28bcef8ddda7

    SHA512

    cda7884a58514c84d7374cef99da88ac04ab7ec383a348369bd1a757f771ccb0c6c1dbd1481a3e7c1cac536669677711f86e892c42ad74746252b00e5c2bdb3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64d00eda7dfeb7351dbee307f6b2d198

    SHA1

    60a592943ca6409ae2be61522fa67147b81fff55

    SHA256

    da3ad5b1d189ca2fefbe83b073a228e1ecbde99130818e35e5aa4277bd8cae77

    SHA512

    2f6c4cac5cbca77d81eacba742d22ed461abe4d47b77611b26c14d5a468ca52534346a9f9dc35e32f4e9a8d2d1f6901d108e2c4dd32acd082662af040696e468

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f46519c5c83398ec989f46d16c47ac0f

    SHA1

    8e30289e673234b776895eb44b5131d42b1acfa4

    SHA256

    be66472b4b83c5ced16ffd139bca23a70e5fad55ea5722d4af0514e4ad48ae07

    SHA512

    901094f2977d65f0a76f5183f01ea4f6db2a25e3bceb26b401aa805806c11dd72a0ed01cc70d98a65e23746bb3aa5b61a8b37559a307e0159927a32d088f7a2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc9bfbf6392df3c4f75ffa46e17621c7

    SHA1

    f32299c8af83edf43de68753cbce5fe3292afe98

    SHA256

    2d5d4a63b1cd4144e4f2d2088c84264846555ab94edd40a014d13a4fb897a488

    SHA512

    86e158a658a9e30838b33e5fa64c6290b4335a7f89fb0e2f2bc5cb1dfe063a8248fb7bc84929ccbfe3b7b11d948471ca92c367e722dedf7a883d855854f8cbd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f4f88ee7c9d85624d4eeff41f190ff1

    SHA1

    eb8b0447463b0dba310db7d66a00a67366936751

    SHA256

    6f86344a911797841133935270de9cd2cf7f70ccf9a2700c7192a44f06fe5e96

    SHA512

    368fde0eeb0a139ef9e63bf8df51d24b36c5a86ef70b329a18514223ed26d200a507c52d99c56a3561a9e148a0a5d1ecdcd39f7e5dc3dd4d549700f0a2f10397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4423972ef93874a0f20054c3a3c8c8f4

    SHA1

    0e2e97b126bf8cf3a9dccef1ac94673ce06061c0

    SHA256

    461d256bb295d211b87a26ea108c3304814499074b908c2bd94f2e7b64f611de

    SHA512

    00e20366f340f4461d24911d34216542b7c9f7ae2c99e4f9ce9f24cd3f32ecfa014d11d75cd7d24662ccc3108811838b7d5163d54bbcb4f2685c580752614179

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3564bf84cb8c70739f0f9173f7ec3949

    SHA1

    839d1a471eadf4e98a96ebc7267f7817f5495405

    SHA256

    40cc29f544df24bc6b511c9c17e599febc9fa0233992d595fa1cce43a187da16

    SHA512

    0f6dbd72fe1d8de6f21f79cfb900abec18f2421aa783c4ead9a410dad831cf1642c7d695b02cbc4c55b94df942fb68474b4ad73bbb62679539671d5d7dd2311c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    825ce725d980ddebbd330b05712dd0a3

    SHA1

    40fa0488f5c9e96dddf49b4e14aa32df6926a9f4

    SHA256

    0e81a69f3e125238c42646f9b989b156f1e7aa7511a173f2b3721baa799e3fae

    SHA512

    e9a4a954b0b337b7103415031e76737ace4146a9cdb749fa15fd8a3e7094423e02c7b240904381ea451466c7b3b2e16ba8d4ab58542e334e29eb38120e0928db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    feafc42ad8f7e6057603d800c88eabe4

    SHA1

    2bed284381b9e9a3ad308d9e0f4e80c7160333df

    SHA256

    4a115eb12e3f76942b13742d5715ab86efc32163c0daf527c9c602d0d9a5e35f

    SHA512

    649f5abc07a695f1fb27d454634f97fa91622a71a6ed3ecb5f3e4dec4eb59763d8f7c3df6ef5f11d128b8bf03c0fd5962e9a206281351eab111667df6993e595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1a09a84865176b4b6aae1c615f996f4

    SHA1

    9def81534192bee2fc4b853f351d392f50e165d2

    SHA256

    c8e94d14ae195064752550ccb4adf26ed70a74b3ae274a95f482b75cf6dec4e9

    SHA512

    2eed4719edecb05076504abdeee2b34bc975bdda939ecfbee90db843574476c1546c2c83e70db5b68a8f7dd9560997d5e1394fe0ea2aad6c458453d101d38676

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0487e3d8a74b30e0469540b6a68815cf

    SHA1

    9ee5fe502156bfea939f61fcaed6bb63330aa42c

    SHA256

    93fdbbe6c06c7d0e5c1ece3c75c20b9e68d7952ff385d46c7815b3a3da066bfb

    SHA512

    1a1f80ad5951eaac3cc554a41148d0925f6da722de95b619f81322e39d2b740e3de98f1ee8006c5ff8e3948741f56788c4451b7f9069d941ae9956359df99855

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab7751d6ca2cb3d34cd0bc9c5d3df6b1

    SHA1

    b730bfe8355df47180a1ee0ae320fedf71a3c7ba

    SHA256

    6215cb7fb5cf256550ac18ce987335e7f760039ec35424360eef2ef616ab1e59

    SHA512

    1d1d5afa175b3dcbf53d6f1dac34d1ac47c2f2f944040ac74f265db4401fb195436b9dbfa5b05318cc0323bcf2aaeedd5649f92cc284bd4544c3720ed239cdc5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD6B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1980.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2148-1-0x00000000000B0000-0x00000000000B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2148-0-0x00000000000B0000-0x00000000000B1000-memory.dmp

    Filesize

    4KB

    Download