Overview

overview

3

Static

static

3

f06dc52798...18.dll

windows7-x64

1

f06dc52798...18.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/04/2024, 05:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f06dc527989fa11b879aff62626984d4_JaffaCakes118.dll

  • Size

    78KB

  • MD5

    f06dc527989fa11b879aff62626984d4

  • SHA1

    031ccfe91fe244867fe485df3e5e11f3d4b79f49

  • SHA256

    1a334cca216fe17cb712183b12699b6ff3ad8199da3600c68aec0f2fcd96be61

  • SHA512

    5a4e95a070eabe8a8e439cf8212db7d3ae99fc6d9692fc1036ef65f83f46c094f0b77ca90011c3263dee1170c356254cb37456cd545d20e92b1941d64997dc1c

  • SSDEEP

    1536:KsWGHeLBAjdqPd0xnhBbgA6UBeiFT0fR7KhZdFpjXenyroa4hR:FWHokOVheHfwZdFpeyr2n

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\f06dc527989fa11b879aff62626984d4_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\f06dc527989fa11b879aff62626984d4_JaffaCakes118.dll,#1
      2⤵
        PID:1676

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads