Overview

overview

7

Static

static

3

ccd7b8ebe3...18.exe

windows7-x64

7

ccd7b8ebe3...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/04/2024, 06:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ccd7b8ebe3e6fbef28e76ef7b78d41ab_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    ccd7b8ebe3e6fbef28e76ef7b78d41ab

  • SHA1

    d3f912241f6a3e957cce7a5ae6edfa295896e436

  • SHA256

    5b3ad646dbf01943bab3d581bf51159e881dd532ac75d82d48ecacc281003a23

  • SHA512

    31b56af2796f0d562923d2b3ab3317613737342be4f0e3ea3d57ff26aa9bb0d899f700bd9e3c9f25c41fabc6368d4be93a3ea4021a3a01dfd45a070c97ac33cb

  • SSDEEP

    49152:Qoa1taC070d2NqzecNvBUhQvE55kOiSn2l:Qoa1taC0Xq93UhzfkOiyW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ccd7b8ebe3e6fbef28e76ef7b78d41ab_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ccd7b8ebe3e6fbef28e76ef7b78d41ab_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Users\Admin\AppData\Local\Temp\474A.tmp
      "C:\Users\Admin\AppData\Local\Temp\474A.tmp" --splashC:\Users\Admin\AppData\Local\Temp\ccd7b8ebe3e6fbef28e76ef7b78d41ab_JaffaCakes118.exe A685A93C50E60BA0BEA1F3E4731E5B1D2FEBE23ACE0BB3E62010AE0439AA9C01FFFACAC7F4506A162543DB6BE2FDA393C8BAFAEFE1031168D92CFE8F7B249213
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4528

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\474A.tmp
          Filesize

          1.9MB

          MD5

          21b469e4dc69562328f4003366829ce8

          SHA1

          ec7934a2d45946f957c319fa970640f5e57e4feb

          SHA256

          c1990abb9207f370aed7dbfa81764bc082cad75b68972ccb9fa10d3ebcaea89f

          SHA512

          d19f92435ed2c42c6dd85431096906e805bb299c98a12bb35802057b16fff0a7f1d627c29503474b2dd496d81856ac022e0a5c6b3b3334dae4745abe4effc74a

          Download Submit

        • memory/1728-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/4528-5-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download