Overview

overview

7

Static

static

3

163aeacff4...18.exe

windows7-x64

7

163aeacff4...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-03-2024 02:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    163aeacff4d18dce9b47cb31fafb1cbe_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    163aeacff4d18dce9b47cb31fafb1cbe

  • SHA1

    bc928b99e611e073609e20763574b0bee9ed088d

  • SHA256

    3069329b41c1a0646b5f36ab570582d6ad33e3abdc39f43c681a5df8dbfbd852

  • SHA512

    49fc793aecb6ab51fad1bf6d457deb42c603243bb40e1baa87a00502ca327213ee0a8b76a55659c073707de1a1a2bc543cec03afcbd4d04875637fa50347edfd

  • SSDEEP

    49152:Qoa1taC070dHW0M3agkhae4SazZmy4uU/pJE+O:Qoa1taC0d0sxe4TzRnU/g+O

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\163aeacff4d18dce9b47cb31fafb1cbe_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\163aeacff4d18dce9b47cb31fafb1cbe_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1020
    • C:\Users\Admin\AppData\Local\Temp\7C83.tmp
      "C:\Users\Admin\AppData\Local\Temp\7C83.tmp" --splashC:\Users\Admin\AppData\Local\Temp\163aeacff4d18dce9b47cb31fafb1cbe_JaffaCakes118.exe C57F28BCA8ABDCCF5F6039174BB499C2A999571749F36A548036C9936B9DF77E41E1A89C282579B9F5766C47559255FA78D13C64F450167EDD46AFC2933F76A6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4788

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7C83.tmp
    Filesize

    1.9MB

    MD5

    fa595c504cd1390604ba4c93f579e33c

    SHA1

    99ff9e21f6fb19dae62c6d5b26dea66f7837a4cd

    SHA256

    c403336c6516220d1231ee14a949fe79eec515a37462e5b16203bce2f9679b05

    SHA512

    ec2ff4357b13ce3f5708e70aba6f0168d5bf1e232476b15a68893d930a939dfaeb52fc020492d91247bf09067428cfcd778bd9270e06ba5eddab0a000d5a1f2e

    Download Submit

  • memory/1020-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4788-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download