Overview

overview

7

Static

static

3

07ef0a7d91...18.exe

windows7-x64

7

07ef0a7d91...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    136s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2024, 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    07ef0a7d912d978f19fdad353c8b7187_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    07ef0a7d912d978f19fdad353c8b7187

  • SHA1

    ec8e982b83a80c576cbe642d2c42256865b6bba9

  • SHA256

    89f1e802284749999a7bc517585256484ef2a55c9d939f9ab8b653ea28a9be68

  • SHA512

    d8b64c6ab40ee3174da8652d6936fa0fd000a2eb50b4db8de9ac182a335fa45c47df21f34221d61f4842b46a6ef8f417c1a8b8e9c41f8fe1dd237ecd89262d82

  • SSDEEP

    49152:Qoa1taC070dogInGDfhu2cLg9F4CmrB8BT2O:Qoa1taC0vgxDfMbQ4CmrI

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\07ef0a7d912d978f19fdad353c8b7187_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\07ef0a7d912d978f19fdad353c8b7187_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Users\Admin\AppData\Local\Temp\BC6A.tmp
      "C:\Users\Admin\AppData\Local\Temp\BC6A.tmp" --splashC:\Users\Admin\AppData\Local\Temp\07ef0a7d912d978f19fdad353c8b7187_JaffaCakes118.exe 084BC51F6036CBC93D36C12E9C7906C0F2EA8A0D74F7208EC753E2B7133CD70472040AA4967D878E17ED316460263CA66C20F7B1418D10AAC2D0A246AFF5234B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\BC6A.tmp
    Filesize

    1.9MB

    MD5

    136dbb86f37fbac073f8a2aaa59da121

    SHA1

    d4284d3b5620c8b7035bd7d71d30f6735057ae42

    SHA256

    740cb79a59b76d71c9b51af0ff47f766b0d8b9affccc1b6c49bca4f6e890b7a8

    SHA512

    789c208663c68e0572509bf0c6c22675ef49df3dcca9d3a4e212f0926bee684c002e352eb42c17bb4b0254ab7c5ad426645c5add8cf1fd84aa87402948c436b6

    Download Submit

  • memory/2152-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4848-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download