Overview

overview

3

Static

static

3

2e7f744d37...18.dll

windows7-x64

3

2e7f744d37...18.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 09:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2e7f744d378f788eaf862ab87554cb3f_JaffaCakes118.dll

  • Size

    204KB

  • MD5

    2e7f744d378f788eaf862ab87554cb3f

  • SHA1

    318bbab1be06575141c7067220288b9bb4f39202

  • SHA256

    77c8c62f7efc5cb666edffd0f021367f8be75fac8f51bacd2e5a33f0d404f3ae

  • SHA512

    19ec9c7e856458e33f7c8f4ae537511571e61eea4421d22a7a2d02e43f813dabfdfff886ccd37c1af5a207ddd1dd9eb99a8d78788555b175ac461a7fafd0ef57

  • SSDEEP

    3072:siLJRQiug3CjFr/Ot/U4TDtqqEmvUB+EFBPZdBfIFQ0LFC8cd:Ug3dBtqpmvUB1ZjfIa3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\2e7f744d378f788eaf862ab87554cb3f_JaffaCakes118.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\2e7f744d378f788eaf862ab87554cb3f_JaffaCakes118.dll
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Modifies registry class
      PID:2484
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2564
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2564 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0ab7d113800474ba0118dc6969777bba

          SHA1

          b232569a66a2e776718531c4c0a3a07b3915a9a2

          SHA256

          d59b894bb2154e6bdf203d49487764702b24db5b442b54417d8355f8e9120827

          SHA512

          f680a48a1dd44e939ccb442200e43f9fe016f18d1ac88a0a6e6a2dad66df1d5b7cbfa39c6e64c5527286485b35119ef07caf0710cd2d5f4a616c12da5b003143

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          133a3be3d10d38542024aa9b10e351b9

          SHA1

          66ae59d153efcb88987866c9beb25742af66b730

          SHA256

          84ad76ade759b128dd46997db647da4a10b7e67be2cd2867e23c5e44fa1823bc

          SHA512

          9a748b42f2b39c8c33a326a2fb51d2a07eef60f3289436d1e37aaf9b95eaf5a7b500b46d425c737078ef75e14827d57e9f32320b9a7ec996d025d2b9a2aa5e28

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9c064f45baf8f022634e0015eeebe45f

          SHA1

          b822234645bb42ffc306984de83517cbe3158296

          SHA256

          212ad25023f624f60a59fd6bde13f40d94a6c8c70606bf3b0fbf7858ef15e163

          SHA512

          741d7ee28b086a7516d7214b1564110cf82a768d7bacf35af9882c534f0bce4aec3f545dad3bc7ed0472fe53d74f445efc710ecc7d4617d014b58b3991a5375b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a753b9315667a78c1019ac32b25500cc

          SHA1

          2b79f94117c6ab4ba72d2b004d98edd8c8dea079

          SHA256

          f1a9661cfc864ada02bd8dbe5e0160a573d28f4f05d53d2046384353634d7669

          SHA512

          d28745367357bd3afff089800cb9993cb6040e2ae794cd9cdb0ace2b8681bf757d804323cd3b9e63fcd35bd03304f0ac73618fe6233c3a43da7c27a2d6989ca5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          73e9b6983a70f22508aa0a9031eda943

          SHA1

          63f8f5ca3e8c6a0d6104701055d88bf63eb7e304

          SHA256

          0443ddbca4c40e8ac8aaa1f5239e6da52f57365f9c2df910d88f3a2260947be9

          SHA512

          76c158bf1baf8294b08e970007d9c5596df80d26b7970afb4d94f813b5e33fd6c58285c62d4147fca0f4aeed3d6fa2be15f36910dc90623cf04259bc7e79055a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1bd9d065f94d09eb3257c3db2ecc85b0

          SHA1

          873c6e1d8ebe6b494813e3b1b777bca5b1d70498

          SHA256

          5d82804f2a989bb98ec458d7acd0913464de3ec0ab13fab5b335f39bb8819ef2

          SHA512

          4b319b145e4bf6301e486820f9e84de4ee87158badf2c49078bf373fd619d22ec9fdf9f24c2fc5d3a5a54e949c2c414bcedaaed24b263021ba3e7ad16529c125

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c9ffd58c9b67092187b5a40d57aba8c0

          SHA1

          c977235ce0333e14f2f5cb6f64791f5fcc43d3d7

          SHA256

          0ed994776d2f24241653fbb2c0d169d86d95cdeddac663beb3db7fbf9372e3a8

          SHA512

          1db2cf4e79f28e64d2604997bcaddc392bd713105aebccf773c7f5e851be00178293725b3ac1d4ec79d9fb905815863c76e33e28f742c30e3a12d2ad214726c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b357f773c0f4bf9f4b8a6cd06781db17

          SHA1

          8ecb3b14481ed2379d6ee5260ccf0ad8c1d65b5e

          SHA256

          51f450b93bd1eef5183c225be386ae49a0df0ce8b98a7a8ab446723f99cc9c37

          SHA512

          f7ddcaf777763eea510e8c2974ced29a8bfece7e0860419dc712d45004b2b7788d737fcc5d0f27afac5e2846af20c2fb495a17cc7454ff69a7ce171f1544090e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d4f85787fba7bbdef554863ea878767d

          SHA1

          4d59174e7b3d64a849cdcbc2cd91413b54d6fd3e

          SHA256

          a497ecd62f7cbf9180f2fb82134070411ab8b443cb5e30a5a75cb225552b1b0e

          SHA512

          92ce89924d65740ff0a2f4a114d7cab1d2bb3308ff671be4078d4758f1d808ae3ba4b1d4659541dbb28612f1df799ebbdb451a6f226e0c6d26b34a9402fde67c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bb57584b70f6dde31a26ff0b612aee56

          SHA1

          e0d084e785ec7b88931721560462f40cc29eca90

          SHA256

          2bb164bd5e63460b3ae83fc864a8ee6a99e2252aaf4ac0b0101d90dad3300603

          SHA512

          04597f2bfcfd2f89af1604383501fead8b43c72c086a40b23c5d9e98446a91d990069792e10434dc7c5ed2bdc24a7e02aacac01485866ccf746018240a8ccc30

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          04120405939eea9d79053b02498492a5

          SHA1

          012a93035a2f9a6969cf4a13104f8b055c8ffe4f

          SHA256

          89f4a025e18efe80c51282af7926aa1d21162863e2846cb543ff1531cefa3314

          SHA512

          bbbf6bd1cdcc8646f071c0d2e6d67f03c978363150c6aa60c5c59fb8db833613ae72241a4dac35424264defebbaa6c8afe6038ea3d43164f46460c6f2671689d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4adf49fecef2d19294adb581b24d8292

          SHA1

          5f4b47dde14f4d5bcca07d00915647cf7193ea44

          SHA256

          0b9a3634fdf0c5b738293636bf25109a1f279c1574c5cd692dfa57737cd24b54

          SHA512

          f337d714bfebb8437e4ad8af57ec100039f44ceff54e99b5e8d1c6eda01608814cf86de6afe44fa92549de202e7d9330d23083bbccf545059cd378913c2f86d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a5ca4bf80589fcc9867c4aab0f5c37b1

          SHA1

          e4741dd434e0e1a854d6785d9ddb51ee84de57df

          SHA256

          788b36dd1e3c24be85303e72e31a8089b13fe69fe3db3c9557c4612bc50cee86

          SHA512

          6bbcb29aa4dc1c4182c25b60bccb398913e09d19c4dda75ad0138dd7bbefc5967201cbb3ec6a6386bdd8fdcd27c2f7fd34238802edc78247f131417e9b4eba18

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          4ef1c2b20ec4e77597a08762b7f838ea

          SHA1

          e8e006726715a51ba31950d850454830e3ca1860

          SHA256

          fd71943021c3b681d6ac77371717cc1abfb7e97e3f1b3a556fee7ff804747ab2

          SHA512

          d18299f3f5d5033321cb602c828af88af48a0bf7ffb0eeb66b9dd32f4717d9015e4884bb04223f9216015250fcbcc9f75699bc187bfbe2187573efd47998acc6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          738e3b4968e4c37e1fb4941da70c0ae0

          SHA1

          2106cb2caa7379b78563b68509625291b2b3159a

          SHA256

          bc52b26fe8ffd874e02ce038fdd6a98916ff1b554bb64f12e51f09af5f37b4c7

          SHA512

          cffdc3edde9975bdad10c254797d312aa623428b90c9bf0b43992fd535bde37f0867991372ac06c91983723cebde8f3b3d15297d8325d33a856fd8524c31c99f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          564faae8dc408e06f3b9ae28e5153d78

          SHA1

          46b5bc49ac79f26a84d05a85d5b144bb16504a49

          SHA256

          e790acb468fbdf1dd6a97e0ec77e643f11c40a3617ad39287fcbd79966636c09

          SHA512

          b0434a5355994862e9b3aa12e2592b1aa203b6e2e48862f49d3f3dcc5f432e58df16a0e8b95a33f5088970bf3a275d2bdc1991b9ab297de093bb0bcb0b96031c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          14a00f5863dac9aa61125cbd056b342c

          SHA1

          341cddb1de4223195b4d79f4ce9d45eff34eab63

          SHA256

          05b122a8e30e40eefb2cf4660054dc115f9fdb97d816af4b89b2643c43dbf400

          SHA512

          39b5a0689e076707ae9d54c364217cda210a33ad822f4deeaa588c5bd55efb6476327afccd67afa42ad7543505ab7f6607cb1e406aa7ca93f1a36653fb4e666b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ef3572f757cd0a59dcc95ffde5a4fd1c

          SHA1

          7ae51e55847a5dcb8c096a74940f54f6d892e5c5

          SHA256

          a32187c25087f3f23e75cc2ce0f6dd4bd0b61846e26eae0f33fad51d36e954f1

          SHA512

          b13278fca37c593ee8fa7899e64529df2a36cdd2df831afaead4a8b06b08bfea6227047fd290532ffd28bf20966887fe9cdfbf61b8cca1bbff9d696d6323ed0b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          67982ad93ad9aa60c54bd4f7dbf31903

          SHA1

          8c85343abbca7912ca503c056828a50066d7bd2d

          SHA256

          16215d240a651051ceeadd98f69d8a932a0c079b2cea93af5f594877130a097a

          SHA512

          eec5a6ef01439c0b5dcf6e2b7f604e09b907c7c2e5b5a2cd01d573585a089735bcc44e8798aa2c9b33a39e2d115306f0f537b734844bf933984a5a753ba87150

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ab379ac3928082a10aeb169618df523b

          SHA1

          0904d74e03ba2bb9b68e1f32d22786b7a1cb10db

          SHA256

          77fc4d64ec65fc01bb51995fa7c26510fcf9d59d471552a29ae13d92475f8363

          SHA512

          695f2d4636f5200ac18f4d1f78461e16a1ac6567b414465f82b05391b708a27180b60aa52be3217a58c7155a364963e9cdd3d0eb558ea213e3ebbc6df2c90bcb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA769.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA7CA.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2484-0-0x0000000000160000-0x0000000000162000-memory.dmp

          Filesize

          8KB

          Download