Overview

overview

6

Static

static

3

ff7f3cb62b...18.exe

windows7-x64

6

ff7f3cb62b...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29-09-2024 23:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ff7f3cb62b557a6af5d7abbd0a1d2323_JaffaCakes118.exe

  • Size

    7.5MB

  • MD5

    ff7f3cb62b557a6af5d7abbd0a1d2323

  • SHA1

    7aa75006293e429c930d54b14f16768c74341611

  • SHA256

    248e8f6b6623673be409cbceb146eeca34f09284cccdf7fbde45dc70013ce34c

  • SHA512

    145fd52897f655cbd04db5dc72733b4104f897ebd6e4c9ef4712349826b0e7bfbfb30d8e14e936e7ad8925389aedc22fb1cb66836e6c04b077b120707d954d1e

  • SSDEEP

    196608:Zh3CZzW8gaXJFfkrP0SAOG2AYVarYtceeLWSlFD99Q:v3IOnr0S3ZCHln9Q

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ff7f3cb62b557a6af5d7abbd0a1d2323_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ff7f3cb62b557a6af5d7abbd0a1d2323_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2596
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1912

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9e895f10e90138547fed3240d5e3a7a

    SHA1

    409478a70e4c16adf7a083235ef276702de8c7e9

    SHA256

    270e2e001afa3aeb53f5a6f667c2079b525ccd903e5c7910f45e99f8b58a3b3f

    SHA512

    016b91b9dbd05a64847806862d4d70754dd2a57d8eb6f0c904038a519030c1f86facb92438577a7d63a184823dfad82a66dd6b0e6e8d0ad2e316da02c20fbcbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e96990376eb4d4ae04742d378e5131d0

    SHA1

    e86a2672a5b9852f778bdf58e2c3bb3ff0db1d2e

    SHA256

    d69b3a6a142dd087929373938d595658deed88879534748d551f7b4a87921ffe

    SHA512

    584a3364e74a44e76e0b4e780e099ed2ff6536d07603d489306a986c6611903f70420abeb56853848439b8089bdf916614d08b9ca88b52ba9f533895a8ae581a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    153940bad93b0ae80abb22838e2d570c

    SHA1

    478c245fb9c623528dadeee0b8168410b6d91426

    SHA256

    253f19f384fbb7808e2fd368f3f851eebfd470d924187219fff0e38b38bc8cdf

    SHA512

    fd73b0a3429c44b1623b13b35376b7d1bd14e1369dc0efc5c559d292b4cd88d35fb67c6c74a8c7c4fa0339252f8384ef03169eb6ff04c93b822fec43ebf85018

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a68894cf5f444165578e559bb555eb1e

    SHA1

    84eece99e21356238d6880a9e69bb1a8bd0a827a

    SHA256

    3d68c455fc7a6df020a04fde654ed687a745715d1d3d041d62ed2bec28b4b32f

    SHA512

    69f779aa659e7a19fc2d490cc8e86c0c28a77bdb2a10422f7efdfae43e753aa77ec5b7225a47c965907f841577d8818d7fc5e264ab9628139b839fdc4a3354d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b881e629278352be98acfb96f038ca3

    SHA1

    2f4635dd6ff756f8d96ed68f66ed471399927403

    SHA256

    d7b7e9b3f267ec625409415d2877f2d578e5afa2f5c61ac9c2d95c9445793b5f

    SHA512

    b0fc3dbbb742c834455c7d9c616a470c4c40af2eb8e7c4868c33bef644c41da7fbf25bea31464543859cd273f048f956d94dc7dd03bf3ca91ecaa8ca78ec3f24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ed760b12c0369397eada2079cf5f3eb

    SHA1

    f60044cc1eb76e8d2c3186e067b04fbb9838bd64

    SHA256

    8180d4af606d83519987aa9b1b3a93b8271f0eb1abcb6cd6325b32043cc63ce6

    SHA512

    6a22927f089d793c991c6d66eea698bc920826aa13f08649420e5250f7376b4895e692515b13e33806215382681f956deed061c2b2e2f61c9ebd41021a16289b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86028f7101f114bb18e2ebe8f3293755

    SHA1

    e05e46f359f13d8d145db479150d489f21e8d1dd

    SHA256

    283ee891a3da26857bc93106271309505cdf841bab6fb33f57b5c9a01f6c8901

    SHA512

    312ed243a91f258e18c8d91789739fa8706966a16c6bc8f477a6b4296b6e64ae0ca2a9ddd9d8a77be77074f31d87cf9431f530ef5616802aba6318e5df812ca6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da3390040c1817be968ad309b9b73519

    SHA1

    4be0f88e3a67b93fd41a0ddeb90f3a660d54acbd

    SHA256

    71e3b2866bbb210dd4145876f65d4004eddec2e7c422f87bd5a2be98a7a7cd72

    SHA512

    b93f961c59e0f4d4887462f6d1b9653fe49a311581be15e5f6b507846f9f035413e13ee99172ccd27a448071a994eb2ef1c5abbfdbe5a743a323861a4cbd0f4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5860e43289dfc9a9a7e88f1773849c59

    SHA1

    161ffdc753351151f41cd86637d66e747274864e

    SHA256

    bee76a8814925a66b4c09f2f34713c53b4a9ed10228f2908842f36f0132a80a2

    SHA512

    170c381f8ccc65d886772d67391c9a9fd30a341468551b72862ef85cf9e316fb501f16bea3474ce2df3d058d35f58af0d92e71f5c5a22a8b3d89dd5a74406e0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7097568c055a264c812f95b56a7d7dc9

    SHA1

    ab0d5ba82dea24625d3cdb97af628a27599217f1

    SHA256

    6d52550a18693869367cee227a9737ecb4c3e57de93a8c025ad6c6d0521e3c43

    SHA512

    a48040960b2e90a6de3cf0f1a0af91f57498af2b55da613734f5cde7ece359b0841e320115c9754c81fbf033c62315e0030c9b9ccbd60de858b741fc3bd7b951

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eec92e947ecd1d2066297a35bbae6b01

    SHA1

    dca41b72ce5ffcc5b9c40bf0659fb0da0b8baf15

    SHA256

    e8fdfb7e83aeb2ef6228f7179a384567ed3f17502f192b2933e6d9e6b35e6d42

    SHA512

    0ee398f11cf08bcc16777fc9a570e25d5f8953085c2e9b4eebf768f72d7309061a512d15d4ece81d0e38f23601d2fced9399bfefa1fda73fcad04ae3a4859008

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    593ca861af79bc25ba07b7d17e6e067d

    SHA1

    2c7572b52b3a7fb5a77ec7805f2dadecad366f3d

    SHA256

    1d077ba539f972108f6efdab40a5f9601c722d245f78eee27f14e8aa08ef8b48

    SHA512

    a6608207635fb17db91f0b8aee4fc60fdafba3d788a6dee7c31defc1304d3afb5f9f0d56582e857ebf2effaad67a05dd737123045045439c836866aa366782c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e40d70c2fc31234b0e20bcac08b9c90c

    SHA1

    bba51cf3304becafc9b50e10f2fa61dd5086fa26

    SHA256

    a6192a9aaa90ee76a0e564dc5174b9fdc8da761b22e14aed3344c106ab57c45c

    SHA512

    39b4a8e5200f8f7649af18bf60815e04bd0e398ed71c87b743ea1f39d2e7fc5ad2a20b6247bb53cfda333bd40504e9ebe44c2f5324c0a129727548f4069b1fb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25ea4e39069a9957733bda03a4cc29b0

    SHA1

    5136eea8760951cca16f0356a08e0e15119a35b0

    SHA256

    e810b836c0aa84f692200136d2be93003bf6311b15c480ecd93d4a433d22bd65

    SHA512

    782f695532bf231a579385f74a3ff1f956c6671407d934aebffba3b1ef1cd1be4ea60e43eef192691df374d4bb2c2094af3de6788861007e425f97402b10c4bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cb50f3f72f51775e31d34a4e26e6db6

    SHA1

    66169ed01450187483db21f2844218ec15fc9c7e

    SHA256

    52b5e942fb93f19529cfffd68b9e4d0b8c7c34d289ff00ac48f25fa894c3346f

    SHA512

    83d171e520e9a339586e0335408b5812ebeed8c04b82cc550348f946169fe458d7031d1df9b38ea2eebdddd95ac1f19c9c2c4e9dffd6a644163e3dd26feddcfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1255c720c59eabba0091b871951fa8d0

    SHA1

    0d8fb68dd7070ede0162aed57adf09a282031335

    SHA256

    f445cbfe362eebd15545c27c3f4fa89971dec71ffd8c2ba1006938f5e1c37de4

    SHA512

    ef0b93ebd90c7c7eb86ea849d6c538f95b5b0b65ee3f6fc75229be0d22b8fecc581a9ac1ceac62ff6a8ea5085eaaf86737ebcc27d0be1f5729d21fee7b9040f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4b904d667271b16d29f88520199e9bc

    SHA1

    b54e28ea9fe8e680088770c995dcdd2565d990af

    SHA256

    29321bc0498d2588a4849184bd577aeb3ff322b6d8b41593a259f100c183882c

    SHA512

    f8291bb38008dba51ed0407e5c5fe7e6862a2c08bc316775b1553a9b7b0d9e25c699d6821a5ef5aed24cf53912051c57c10cd4bf95fc6df6b7cacc8a2d1ca74b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71ca73e5d6a1c87ffd593ccee7cdf14b

    SHA1

    1f39427afc36ddeb29caba69fefaa4e9dabf6def

    SHA256

    2556723f5a9d28a5edf25cbe9d891a4f2ca3738ec19c2ddb2350ebe5f61bb2c0

    SHA512

    ac122cd915b0f11d0682d32569ccbff069669990760b4f13b3934294b9c22d3767137f2ee9d44979037eaf54dcf41a1896de739791697c03bd16fca5de15dc21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7efae5ade1d1baca00341770cea718b5

    SHA1

    a57cbbbaa6f0ff86cc2b394e7d7e33ecb801db99

    SHA256

    0aa4b773d363b17ebdf1de5f7c5355c0c3fd83cb06752a93621a5b4cf2289e49

    SHA512

    76db90952803857b712d08ff6b8c0ffeae45697fca45d5bdd334fd0d573d7b15220628ef8cb48ed08d2162fac57bb602576b7249b420ef372a5d8298addc7721

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC795.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC7F7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2596-429-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2596-0-0x0000000000AE0000-0x0000000000AE2000-memory.dmp

    Filesize

    8KB

    Download