Overview

overview

7

Static

static

3

d034fe6fdd...18.exe

windows7-x64

7

d034fe6fdd...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    05-04-2024 09:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d034fe6fddfa4506fd116ab1134d8cdf_JaffaCakes118.exe

  • Size

    1.1MB

  • MD5

    d034fe6fddfa4506fd116ab1134d8cdf

  • SHA1

    5f53c59b7846eb0fe9e2e40f66dff8c84122013b

  • SHA256

    7232bed2f3298454f14b74c6660bae51d72dadab453363119197f4c013f3d25c

  • SHA512

    d7bfb7f72c8bf7d6059b1792d92fcbe76d5a6f23176334f5e8ef0dd1db0043fa3f4e050b191ea8d17f514961685b12eb4697f0359004822b7482b199d5c89ff6

  • SSDEEP

    24576:dgdhhQGGnnazLpj4VHogiuG/EVeJGQl+NPw3nnM/g:dqgazxcGkegQaPw3ig

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d034fe6fddfa4506fd116ab1134d8cdf_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\d034fe6fddfa4506fd116ab1134d8cdf_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Program Files (x86)\gwc\inusksbge.exe
      "C:\Program Files (x86)\gwc\inusksbge.exe"
      2⤵
      • Executes dropped EXE
      PID:744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files (x86)\gwc\inusksbge.exe
    Filesize

    1.1MB

    MD5

    0b7922f88a056c4cee0ea5b0af1c9c59

    SHA1

    8ae801f02f8d64ed80fb565006182cfbf1424cba

    SHA256

    3cecb3aff0af628663186f8c38b2ed7de20af4a4bbf731ba59efd36a1f38598e

    SHA512

    84ef319442b6b605ca87f61dedb5f0334405069d01b03113f523330904f4f6b8db9255e0d2c2a5f0aa7e1193a25ea7c3046ecfb537d680e7019db7e3b05da3dc

    Download Submit

  • memory/744-6-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2176-5-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download