46d43e47052c6589a5793a7bb20f63547c2564889bcec88a20227d7fc2141ab4 | Triage

Analysis

max time kernel
146s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
16/04/2024, 12:23

Sharing

Report Analysis Logs

General

Target

f37dddeff94451da96af5ed536973ae6_JaffaCakes118.dll
Size

3KB
MD5

f37dddeff94451da96af5ed536973ae6
SHA1

5533f84a4399abec91b40479e8626b2763a51a78
SHA256

46d43e47052c6589a5793a7bb20f63547c2564889bcec88a20227d7fc2141ab4
SHA512

da01f8bfe3ea4cfc768d4fd2e0ef867fc0f017c4cb63f2d31a6bf4d850269be6310b5b2e27eb903a171d25a56cd54ec140ac64c64637706744abb36d89b80029

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 952 wrote to memory of 4412	952	rundll32.exe	83
PID 952 wrote to memory of 4412	952	rundll32.exe	83
PID 952 wrote to memory of 4412	952	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\f37dddeff94451da96af5ed536973ae6_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:952
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\f37dddeff94451da96af5ed536973ae6_JaffaCakes118.dll,#1
  2⤵
  PID:4412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads