Overview

overview

7

Static

static

3

d12e753f5a...18.exe

windows7-x64

7

d12e753f5a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05-04-2024 10:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d12e753f5a83fd133c6a6c552ddd84ef_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    d12e753f5a83fd133c6a6c552ddd84ef

  • SHA1

    d0ea04ae2fc8b223a00734763f00c20a0ffd3de2

  • SHA256

    5f8300ac69b0828a7822ce2cbc369441edf1d479d8d8f06049707a8bfe46e58d

  • SHA512

    b822afe8878b8a6a4c9b3a279ecba2d030c466e6d70c3c765658966e67dba5f6494b63ef2875c2306f66dbba676713e5e1db4e07ba6a5667c26c1e43062c12d7

  • SSDEEP

    49152:Qoa1taC070dpmOnirKtujlbLkY77W5+uSNn81Jp:Qoa1taC0Mn7uj5L77U+d1a

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d12e753f5a83fd133c6a6c552ddd84ef_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\d12e753f5a83fd133c6a6c552ddd84ef_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Users\Admin\AppData\Local\Temp\5032.tmp
      "C:\Users\Admin\AppData\Local\Temp\5032.tmp" --splashC:\Users\Admin\AppData\Local\Temp\d12e753f5a83fd133c6a6c552ddd84ef_JaffaCakes118.exe F3F704FF91CAC24E628977B1ADFA19AFD6EDCD836383232A1A2376588ABCBB41F4E375D2F10627A82BD550EDFAF8EF81EDBBEB1486DA4E35D6C0202A6C5593E6
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\5032.tmp
    Filesize

    1.9MB

    MD5

    b9b8573a85cdf0c0f2a0e4bf440f570d

    SHA1

    b408aae6d5ce2d7bee1577a526acbf3ee203a0c1

    SHA256

    7ad894a9148e6e10c4ce810313a34e41042b8d07f53e9798d5af0476f42f11d2

    SHA512

    be8094b3b7a660dc55ac5ca61b1c53401bb96a745049d6fdcd07b6f16d0e8a550ac41edab94eb027e6c8c46ae628171fa1e209077e9f72412b090a4fc3121e42

    Download Submit

  • memory/1048-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2484-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download