Analysis

  • max time kernel
    150s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-03-2024 17:11

General

  • Target

    27dabbb4eaf2447b5b0e5276aa233ba8_JaffaCakes118.doc

  • Size

    595KB

  • MD5

    27dabbb4eaf2447b5b0e5276aa233ba8

  • SHA1

    695bb0dacc42e9cd95da75f2d5d382ad9922d662

  • SHA256

    e0a08ff6494168340f1d1b926506848ca74ffb4b90cf9c6b6305266a1c9328e4

  • SHA512

    802b99ec0dd0b61fdcf55a224bd187fc16e8d5ab1d82c3fb31425787bc22a9df2ecee06e65708f3e8fc93ee24c51d85b088febc998457f15441f3d32b13bbcdc

  • SSDEEP

    12288:S9oJmwAOkdtR00osOK2lvl60gttjfUPBl3t6try10Uh2zkmu:SqmGkHeD3TDRg3W6tW0U9X

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\27dabbb4eaf2447b5b0e5276aa233ba8_JaffaCakes118.doc"
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1800

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1800-0-0x000000002FB91000-0x000000002FB92000-memory.dmp

    Filesize

    4KB

  • memory/1800-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

  • memory/1800-2-0x0000000070E2D000-0x0000000070E38000-memory.dmp

    Filesize

    44KB

  • memory/1800-5-0x0000000070E2D000-0x0000000070E38000-memory.dmp

    Filesize

    44KB