Overview

overview

7

Static

static

3

cae5ce94ac...18.exe

windows7-x64

7

cae5ce94ac...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05/04/2024, 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cae5ce94ac33cda1a23b42b0e5d520a7_JaffaCakes118.exe

  • Size

    6.1MB

  • MD5

    cae5ce94ac33cda1a23b42b0e5d520a7

  • SHA1

    5d7d85d4e433bd1add01106f60c481421019ef55

  • SHA256

    0368acdb02a1b1d03d89902e287d33724d0d707f1075c75c250673184126d0ad

  • SHA512

    96a16868758e57de71c3535704c15770efe74f92c4d5410cb6f09fe209ef9e354dbe01f11f426d415de82e07d510ee4074989f5191d5a36512630f08b9329271

  • SSDEEP

    98304:+t+ww48YTRGrjsYrXa1PSELk/GEAUfZ82ub8GRprbGJ1y1xWcdGWLpDi5PdjDJiN:+xaELkaUfdOMeXdVlG5Fp+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cae5ce94ac33cda1a23b42b0e5d520a7_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\cae5ce94ac33cda1a23b42b0e5d520a7_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2528
    • C:\Users\Admin\AppData\Local\Temp\cae5ceuGLQPKF7.exe
      "cae5ceuGLQPKF7.exe"
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:1676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\cfg.ini
    Filesize

    18B

    MD5

    a337a1939be46b75da426adfbbaafa12

    SHA1

    d8159731a15d70e121072faac5fb1acd5e92ad6b

    SHA256

    7ef44ab1e1bc3fede91861a476c87a49448612d1812548ad94267cf7c0467501

    SHA512

    63f494e9f9acfa2e442254122b2434549b4ae8bee9d4e7a12cd1c03e431aa9b55040103a1a7485faf931552ccb3ddb95d249b6ed06b1ea5cada650c9e751bce1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\cae5ceuGLQPKF7.exe
    Filesize

    6.1MB

    MD5

    5b2669e56d1a5fe83f5f98f00c85231a

    SHA1

    61eee30e68d21c2fa653395c391e0501e1d68008

    SHA256

    443883f3ca3cfe97e97bbc3ecda2363b786e02ec3397595d1af13bde3b3df0ea

    SHA512

    9704dc6ba8d34e6c00833eec734f8f57725547117551db8f03ef72a931d30ddd3058158f550c916d55d05e821bd2e9d10f9da32a2868f18b0a2690e648d8b6bd

    Download Submit