Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/04/2024, 17:33

General

  • Target

    be737db94c439bfc4d0a515623b6dec4_JaffaCakes118.exe

  • Size

    83KB

  • MD5

    be737db94c439bfc4d0a515623b6dec4

  • SHA1

    2583359b3b1bb6adf7e56d3cac1cb16882f1e43e

  • SHA256

    770fee20d3c1a372352fc4146a3e733729f0a8ad1f6431fc8293254fca927433

  • SHA512

    5ca6c55c55bdc5591ee86022ffd538ee485826005e80bc7922001fb2d97fac5c40476e344c3e995533c9c66cf9453880f6b3b51bdf8e65b295199dee5a30144f

  • SSDEEP

    1536:y4QQ6NSyM61l19piO+LV8YEoI/EU9RUe4mkZ5aBWcYRTszWFN+Edug3w:y4X6NSyfnpijeYEoIcq45Z5aBnYVswUn

Score
7/10

Malware Config

Signatures

  • UPX packed file (3 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application (2 TTPs, 1 IoCs)
  • Drops file in System32 directory (27 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\be737db94c439bfc4d0a515623b6dec4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\be737db94c439bfc4d0a515623b6dec4_JaffaCakes118.exe"
    PID: 2192
    • Adds Run key to start application
    • Drops file in System32 directory

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\macromd\CKY3 - Bam Margera World Industries Alien Workshop.exe

    Filesize
    79KB

    MD5
    26bde54f8c0e9d32e9f7d8872654f1d7

    SHA1
    73fd7c8135e030feccd5ce3e2aac6ae5be1e06dc

    SHA256
    65cf245fc453f0545027f9c8b94a45c72025fee4e3a2e83ac5b08fcac9952484

    SHA512
    d5ec7b1ef63c0bb38bae5d5e8e552d758728840fa4904a9947d4d79a004e8926fedc8530b92d05e13f613c95df47400a091743c78ebad80247a793d8f7f22442

  • memory/2192-0-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize
    400KB

  • memory/2192-28-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize
    400KB