Overview

overview

7

Static

static

3

eb361d178f...18.exe

windows7-x64

7

eb361d178f...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10-04-2024 13:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb361d178f1ac83518ffe59104f3e9bd_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    eb361d178f1ac83518ffe59104f3e9bd

  • SHA1

    2070ebf90962759488e2582361b7438085d32867

  • SHA256

    f07769a1eb1b4fd79166471c67d5eb387c9fdeb0fc8451e5a09e49b3d24a5f5f

  • SHA512

    fe93645e5350ab5e9241f13cc8c8cc83583713bc32b60325b81e2bf515a2ca1abb162b01efd6cc271299ab44142f578dcf056b1cd1ac4838407305e41f1c3a5e

  • SSDEEP

    49152:Qoa1taC070d/mla++jENfgJVJ/1+NGruII4Y5:Qoa1taC0jlH+V1tqH4Y5

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eb361d178f1ac83518ffe59104f3e9bd_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\eb361d178f1ac83518ffe59104f3e9bd_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Users\Admin\AppData\Local\Temp\5E36.tmp
      "C:\Users\Admin\AppData\Local\Temp\5E36.tmp" --splashC:\Users\Admin\AppData\Local\Temp\eb361d178f1ac83518ffe59104f3e9bd_JaffaCakes118.exe A3C42B9D1DC3F688DE74C8D9EB50EF9C457FB00C5738C8AEF1135B2711CC3EC84D01F1754210BE0420ACECA251E3F7DBE814FCC285382D0954D7E8FE4579F082
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\5E36.tmp
    Filesize

    1.9MB

    MD5

    e0f47f4899ec86f376da1d11717a209f

    SHA1

    117943291759e19acedc942b4ac77e6310eef0ca

    SHA256

    b1d44c6c8eb1e5dd569bc73009616fb79aa87800485ad3a8942f24a36d089487

    SHA512

    4054955bddbb75d0c0205cac0a2dd7623c1900728f484004d6e5d00ff79bea3114e60f69e332d222d9d344a50f854155355aeab3e62bdf9f7d44636e8c6d8574

    Download Submit

  • memory/2308-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2912-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download