Overview

overview

7

Static

static

3

dbdb13770f...18.exe

windows7-x64

7

dbdb13770f...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/04/2024, 04:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dbdb13770f7c2ead996427534f958fd1_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    dbdb13770f7c2ead996427534f958fd1

  • SHA1

    b40c872ced3c0138f625912acbb3148de07f909f

  • SHA256

    40368847619802e4ba26231f20dfbbfb2c4a117d6a6d5e83310bd9b093ab4aad

  • SHA512

    588bcecebff35eed931da37c408b485c6958ad84315b3d162ea869a57b6d9ac6966ca03c239f2edf7c4e05ebc6a0a02316c405d0396d63b2f857b581f34f9840

  • SSDEEP

    49152:Qoa1taC070dr4/9io9hXw/TKYvLn9RXvIz7LOo:Qoa1taC0u4/Yo9hSTKML//Iz76o

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dbdb13770f7c2ead996427534f958fd1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dbdb13770f7c2ead996427534f958fd1_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3444
    • C:\Users\Admin\AppData\Local\Temp\C38E.tmp
      "C:\Users\Admin\AppData\Local\Temp\C38E.tmp" --splashC:\Users\Admin\AppData\Local\Temp\dbdb13770f7c2ead996427534f958fd1_JaffaCakes118.exe 7FA32E90DA877FF6B88145FFDAC64DB2AE0F89778F5BAD9EDABC3BA0F2E784A4347F489EE636380A7176B4D5FDBD1C380C7C611D7BBBE2E8F7CD0DC8D4F46FE7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1492

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\C38E.tmp
          Filesize

          1.9MB

          MD5

          19c69efa5c62784105ad0876e1e7a017

          SHA1

          8ba66febaebe127652d18352bd071a42f043fe3c

          SHA256

          595c3e8b7392f00fd10386c1f426a4abba9a21394bbfb0607b80d04a10ccbe70

          SHA512

          c37e067b1a7d89eba8da26c46347d04e46032d43ab71ae485e90576c94154c2d2dcfe37140ca0f4ddcab32a590a3c0182a977b1554d046eb606a2eae863dd278

          Download Submit

        • memory/1492-5-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/3444-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download