Overview

overview

7

Static

static

3

08dfcdf9ab...18.exe

windows7-x64

7

08dfcdf9ab...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240319-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240319-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2024, 15:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    08dfcdf9ab63f30d5244f6a6688cc802_JaffaCakes118.exe

  • Size

    3.1MB

  • MD5

    08dfcdf9ab63f30d5244f6a6688cc802

  • SHA1

    ee9c5d0606ff0bfff79c16997d992cac9bdb9608

  • SHA256

    3e8bc4df524ed1291cd17cd5b1896ae99aac7a98a33cbf618c3175704f5ebab5

  • SHA512

    8c4ad16fc06bedcd04d751457be27264985e389b631ca872a8ebdcfba01a9822c22c4078c1daf1f03a7eb744e9a0c3972a76cb0c61beac37b61f8ac1d7e62fb6

  • SSDEEP

    49152:Fvm22OdWOXqrbIyUJGyqtzzwRasLNXAXvhfwLVT5kUvgJSgHT6ojkxFbxLWC3F:5mSWOiIyUWgRas8ZEVLUjH5oxFbxx

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08dfcdf9ab63f30d5244f6a6688cc802_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\08dfcdf9ab63f30d5244f6a6688cc802_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4696
    • C:\Users\Admin\AppData\Local\Temp\7530.tmp
      "C:\Users\Admin\AppData\Local\Temp\7530.tmp" --splashC:\Users\Admin\AppData\Local\Temp\08dfcdf9ab63f30d5244f6a6688cc802_JaffaCakes118.exe 1B393B897963CB421BF26B88A8905099CB9C51130AF63CDDDEE2CAA3CB06064C6155D0A0038600007907146997157712FAE186E4A71517EF69B77405CFB57943
      2⤵
      • Executes dropped EXE
      PID:936
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1420 --field-trial-handle=2260,i,3739451884007376837,4900555371550671478,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2228

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\7530.tmp
            Filesize

            3.1MB

            MD5

            e6371d00fe14811e8bf709be488033d2

            SHA1

            569a08a7feaf1396f988ce8dbcd69e9fdf6d9772

            SHA256

            c8cf9ec061c581fa169a5157d8c090a5cec9ca7e5325945e417d80f36a2a134c

            SHA512

            5b43fe6941a8d60454c0a163e2ac6aabce50da654692a543170e032956f48c6f82e34829c92e73d3e40a0de226d56c51a947b036b0ed8161cf290c7bf4dfd8f1

            Download Submit

          • memory/936-5-0x0000000000400000-0x000000000071F000-memory.dmp

            Filesize

            3.1MB

            Download

          • memory/4696-0-0x0000000000400000-0x000000000071F000-memory.dmp

            Filesize

            3.1MB

            Download