Overview

overview

7

Static

static

3

dcf5ba752c...18.exe

windows7-x64

7

dcf5ba752c...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    96s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/04/2024, 05:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dcf5ba752c06695e3b8cefc3d32333f0_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    dcf5ba752c06695e3b8cefc3d32333f0

  • SHA1

    e0d74a1e7c8e3a1bdc8a9669a1ae55316dbeb347

  • SHA256

    66fa360ee9ad50375094c7b143cff53aafc711e3409de5ea584ff948edfe19df

  • SHA512

    b75677eb4ae29b684f9a51359e922afe0deaa12975a34f4926a9a4da5353fa60c569adb5013043930a959febd174c50fec9480341156d311ed7f39c3877e6c15

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dlgwFd/AX5LbgQJm0YLTSLKHYYgWcYYaZ44JL:Qoa1taC070dlgoQ8LTSfWcYFOqXPv

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dcf5ba752c06695e3b8cefc3d32333f0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dcf5ba752c06695e3b8cefc3d32333f0_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5052
    • C:\Users\Admin\AppData\Local\Temp\47B7.tmp
      "C:\Users\Admin\AppData\Local\Temp\47B7.tmp" --splashC:\Users\Admin\AppData\Local\Temp\dcf5ba752c06695e3b8cefc3d32333f0_JaffaCakes118.exe B231FAF3B046B81DC778219E5E49CE543A01B55A81FDECA403C3D063BED6E3628A0D4567785221844FC2F5B68E727753F03C7285EDBF9245F4520F7BC4069343
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\47B7.tmp
    Filesize

    1.9MB

    MD5

    923b69e229d0de8d8461d8de9a949cd7

    SHA1

    ac3dd35284247dfc3b6a11970c4bf0765b25b163

    SHA256

    0270d7ce73ca8ed42c22f90b3b483d726080da27aae4ef40b4cee5d8683a77cc

    SHA512

    03e1318d499d531f943867cef6b52103bbed2a676191566ed0b41d41105ea9c324658fbcf4bd9433111747793e60ea8dc98242c9ba255e0f62b499ce5af6dfa8

    Download Submit

  • memory/4400-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/5052-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download