Overview

overview

5

Static

static

5

08437d858f...18.exe

windows7-x64

5

08437d858f...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02-10-2024 01:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08437d858fbf527cd4edbfb56e6e7e20_JaffaCakes118.exe

  • Size

    1.6MB

  • MD5

    08437d858fbf527cd4edbfb56e6e7e20

  • SHA1

    aa5cce349160cd58016946a85c1011c44cd45443

  • SHA256

    6c15059936f3144507809facd703fb25266905d300d83706b42760a9db33b18f

  • SHA512

    90b3210de3ae179e1ee9a2452da06bb075daa8015ab19142701442b85090ee488a1d9652dccf98bb929ba5b4d693e6d2c7ed396f53365d46245092ae701df9b9

  • SSDEEP

    24576:KUcPiGgb3wRwumk5I4KO2deuPVGpjgXwb:KdPwb3ut9CjPC

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08437d858fbf527cd4edbfb56e6e7e20_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\08437d858fbf527cd4edbfb56e6e7e20_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://bbs.515wg.com/?wy
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2852
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2956

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    625eaba754682e059bbdb41f891c4bae

    SHA1

    9b10558edc8682d9781b8e46b73ad309b42a6e88

    SHA256

    36d392bf8a8ffc6428dbdd1a7712e384e3278d17aa9b3d3121e0ed723d707e32

    SHA512

    9e702e3153ad9d574d60f2f6fd33857510823e5083c113d247a1548f91aea87c84f2efb6a89786982b63f37ce97cd8b92e81c443ee2f5bd5194595f59c104627

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6937cbaf16b88ee99ac9b63400977b92

    SHA1

    291f81b2f914b978bedec719354bb1848fcb5086

    SHA256

    78ffd90338f3d3f04efa1496c216767d7628f462908147e1a1cc5a075bdc2244

    SHA512

    b34ecbde177aeeecd3562fc8215c503df8197526e44cbf13721faf3814654b035aa3bdf4286c27ecd7382d78015780d8116ab6d80c5e0f9b6ffc877d1c6aac4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    319a07c6e656f720127d30d344160b4d

    SHA1

    714ac6ea3273383358a51da8da14603e96e7292b

    SHA256

    232f0244ee069e835c11c83a13f9e447879f723a3d5325091387c1b78f9cf866

    SHA512

    1e7eee38a08e6f85f2a81a1beb45d4fdc9728e8356fca7bd15dfebf89f9f784dea209adcaa6ec53d2db3ad58e4040381103f9b2a1bd91278d22bdb9be19ea81f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94e97e5f9ea947b8abb0f9749eab8484

    SHA1

    ea8c0bd65c339b9b1a13d2fd4a28b39c80d1ad31

    SHA256

    0b4634b50e09dc0bdc3f5ae72834a011a12885e56b78c524023b134016f433be

    SHA512

    e84eab5b72d6a510004484944b526463fc034335baae3e8b171b79e060815b3b977454012036de71a1ffe801f93480a4dee0ceafa5c17a6e633f759f8987d2a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dc864fe51c6cba2e5a020a45be634f0

    SHA1

    88f6357566541148aeed8c4465a3ccd6c531d4d9

    SHA256

    59e6ec2c8651a5cf73ed1eb473ea2644649f514161e18375b0f555e552aed044

    SHA512

    3c067e3486103885fe2e6edb19b8f62e1023bcb979b084e524a41b6694366b9f1c25307c901adffeb7acbe36b343e2674a8ca4ef92ffb59bb2447685b6240b18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c177c8c30df3aa3b2752204c16cab5ec

    SHA1

    c70eae9ebdde80e9de54ebf0e54b2e1e9d2ab92e

    SHA256

    30c755e168f7ea2285474d6d4f7f396ecb48f9cf3497a73737a7c1fa4d9e6df4

    SHA512

    c675e8eb833faa1ae91c271f115c68bac9ef122cad2093e261d412c974a36e7beb2e54fe1cffbbd4a468aa65ed47a662dd8c1436cffc0f88cc2d88e071b3c22f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1458c69cf918db71326a80a2a56dbeae

    SHA1

    b09fb3725c14a19e832062d33d94fd434ee54530

    SHA256

    ef4eac38cef5331db738d4754a6ef826647860e9fd333c84fbd651db4bd3ff94

    SHA512

    67bcde2e088c5d0ff69a9367324c448c5451c4f7eb028bd0495023b6b3c6f764813747a25ab1769b00383fb5bdcb3e154baea92da8bc3f51f88b56823f56be95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3366ba75b5d3576039bb35c45ef1d8fa

    SHA1

    d03a32130549e447266aea80ec42df8cfa076068

    SHA256

    55dd55c786f285783edf49aab70b80b96a8f3b138fa5de58478c9d235016e2a7

    SHA512

    8f8927486e3adcaa7dca772a1bd90d127c1be5c453be91143ed687d4baa6a7603e584715171d9fd6eb320a451ce5d0779998226fadbe41cc5dece72eb5312d1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c3a0e00c83f9f8c3abd4fb8fda51f54

    SHA1

    7e09eb72d8d4f324dbf671d957b5827ce9fcacd4

    SHA256

    936e9770ad5724e7a433e8390d5ba99d5be897ea28552bf672e97b0e358a6ad0

    SHA512

    b72f03deaf2c2738324c6662968b56db204c9ce9d9e63c7a9ecf12ce85884394a93af52e176b20f6c4319426ab68172cbcb50d29e040049771f878f104685d7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21a422048e6a87d9834d72db741b70e8

    SHA1

    e2aa80a0f923456ebc04eb2a4c80febb9b5b8b9f

    SHA256

    8e788d1a2d09dab40239936b37d56de55e74485655f75e038e5dde4dab55276e

    SHA512

    00fcf73a8d4a986cf6e7bc39886a28f7459faccc212d003eeac581890ba63b38398f353a4027b7b8b9d70c18f5d25428f20c4d95a0d989c30ab113ec3eb1a561

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ead5c441c7af2184b6dd53414043e2d

    SHA1

    35f8834998d36ad1aefd1f5d661f0dfcf1451c92

    SHA256

    824f9fd658b1dd2a7f38310ea48ddfb748804cabe20243b0bdc307fce89ec397

    SHA512

    8d99720a0c53a5d3b0f37a8e8cc54dc94583321b8193c6944fc77e772d49dce37ac8505d6981f721395d8174e5af07cd6a3e0fdbf1a3ac38be6ca0216c8e0b75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b05a387e7fbd48a335594912946ba0f

    SHA1

    a0199999e285f8d680d23908974835553d3ade4e

    SHA256

    cc1b5b50fbc29cde65928ad2dde4ce77aafb8cf9942cf0bc596152722fb54dff

    SHA512

    7c9eb19fb81ece2f941dc79b371a5fd2fbbe86b52e7528e6badab403d4c53c047e8f725c282ab842075245f01995b6838d9c1c1a4060d3f7b3f5b0aa1d4d4a06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da69e7b20f32b63106a0fbd72e9422a7

    SHA1

    927469440697a7e6433c575798648abd1573f9b9

    SHA256

    719f29195755cc9a2abdf3a2f3e4375c387f4f33cd4e586d6adb0a38061432a6

    SHA512

    1255c59ca0ac559e98ead6cdd45dec71f5f966512d579645b3b7af00da3eaa7fc1ddb955bf332ea418eec3860f19901555658ab4d0bb408d3f729c8f026f8b1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee4aa8bd2cc6ae821034e9e2442f97c5

    SHA1

    99e77731e2dd8ee8cbc9afd5453b9b4201571fed

    SHA256

    e5bdcd62af0d26466e10f963088de4ec8a59cd6546cf6da032f4dcdef5a5e2d7

    SHA512

    5a932f163631dc726522e45350cdddac7467226e483998166fbe66dd2f79dc5ca6f7cf6212594c70d2b81202c6078d7b82f8e4af3166084983f0c58f97ca7b0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab6c12de8f5f9a63dc21ad390fc52b2d

    SHA1

    65c684e7c433edb54cbf48c441f1bda5b76c3b35

    SHA256

    2646c9dfdcc9dcc3bbfb7961d4f3b1b97529e5f98646d1f710d3348094de8add

    SHA512

    e0570cb4d2b60743bea730d1803d026578b6467e054bcdc7d6a89e11de78e16f3cdc730a54551ddc52a64042f96354222c4f4c801c83c68a46b3561161b875b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0deb21075709f1b6509076cbd00ea24b

    SHA1

    726a5283d15ebf4dfdfd2239007b1b89660c6c01

    SHA256

    705b360cf5510cfed099471a2b59a38ef2b3772cac992c242e7be8e878648d11

    SHA512

    79531c1dc3b2e03d0c7ae5ced3f1a5a19fac4d42a4be45ab5ff38605e406f282a731a518482f9bb76210766e503d94e01313a6f53d67d4555d26b9c9090c22e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    092fc1cc364d19d4bb42c6d148e92360

    SHA1

    939a20ad97dc5ac8c6e12fb8278aa17e7b5b2ddd

    SHA256

    4d2a03c58fe35b6c0b905b92d0a37087a92ee4486584d75659a4ac4c3ec7bde4

    SHA512

    6b338acc238af1c44a68eff886918ac626784605fc0053ca2dea0d33685275861bc037e3d9107411f64f62fd156bf1f4d72b89e9c632129131cfd0cdc8ff9f7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f7945d268643b60dc17cf5b9d81aa41

    SHA1

    0c636d23b7f9545889625d4b1ad7d6a5d4f5b637

    SHA256

    1f7a9bc9c50bdfa3a4c20893242d5309181c122e9f84b92e68282e7c027cfc6c

    SHA512

    a57edbd7b9866cf341702a6348a76a4b278b20be907b79f10390fa366a947de735f7956ddff3b3ff94174cfb45671b5bb453c7a2baf7a2b196dfe3736f598cf6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9E92.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9F61.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2440-14-0x0000000000400000-0x000000000059A000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2440-0-0x0000000000400000-0x000000000059A000-memory.dmp

    Filesize

    1.6MB

    Download