Analysis

  • max time kernel
    142s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    01-04-2024 19:36

General

  • Target

    788f45ada2b264a9ea458f7d125571b0_JaffaCakes118.exe

  • Size

    539KB

  • MD5

    788f45ada2b264a9ea458f7d125571b0

  • SHA1

    cc7cbce75f3f0c2e9eeb5c16f3b0cb690aa46aad

  • SHA256

    75b40afc06895b53f4a90d06c0b6b0e6b72a2c34883dfd151bfbac51701576c0

  • SHA512

    7151982e5270c10869a1bbeb8329ec884aff1ec46925fe0bbbe07c70c3c279fe41c48fbf56835fece6341db772fdd98b142dab66d0d84e3f70422906d74de181

  • SSDEEP

    12288:cFLz8rA4TmF2Gfhk0AYumXdw/9ZO9gEwZGEX8cA0/M:Sk3TORlAYumXo9ZO9ssEv

Score
10/10

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\788f45ada2b264a9ea458f7d125571b0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\788f45ada2b264a9ea458f7d125571b0_JaffaCakes118.exe"
      PID:2904

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2904-1-0x00000000030F0000-0x00000000031F0000-memory.dmp

      Filesize

      1024KB

    • memory/2904-2-0x0000000000250000-0x00000000002DE000-memory.dmp

      Filesize

      568KB

    • memory/2904-3-0x0000000000400000-0x0000000002F4E000-memory.dmp

      Filesize

      43.3MB

    • memory/2904-6-0x00000000030F0000-0x00000000031F0000-memory.dmp

      Filesize

      1024KB

    • memory/2904-7-0x0000000000250000-0x00000000002DE000-memory.dmp

      Filesize

      568KB

    • memory/2904-16-0x0000000000400000-0x0000000002F4E000-memory.dmp

      Filesize

      43.3MB