Overview

overview

7

Static

static

3

f660bd5e5d...18.exe

windows7-x64

7

f660bd5e5d...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17-04-2024 18:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f660bd5e5da55347355a33f526f2c49a_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    f660bd5e5da55347355a33f526f2c49a

  • SHA1

    f1383355fe100a1177e4f8c8ebbf401c2f3d719f

  • SHA256

    b297f6540c6f8c39e2ec9f3c4763a1e63bc7c9e69cb60631cffe2a3384dfa658

  • SHA512

    870daa9dcf41fa1c93d2607cfe5026ed262b399ad5dce9af0810e80d50d5dcabef8df56c4aa3d2a3f16e488400d2e7ea368d2b03c5d2973a7c6c2466afd81431

  • SSDEEP

    49152:Qoa1taC070dscd4bKGngJKrEqOWmgeEwRboNdNMTgP:Qoa1taC0tcBGnggrmLEjNugP

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f660bd5e5da55347355a33f526f2c49a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f660bd5e5da55347355a33f526f2c49a_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Users\Admin\AppData\Local\Temp\3006.tmp
      "C:\Users\Admin\AppData\Local\Temp\3006.tmp" --splashC:\Users\Admin\AppData\Local\Temp\f660bd5e5da55347355a33f526f2c49a_JaffaCakes118.exe E3527714BF8FCE48B9C42958E3CB7C1C803DB2EABB1E8063B5BB2BE89D0FE68F6583F56C453A194E22EC3C2796A7C3C979B44D2CE4FC96E4463B4D0915D994AF
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2332

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\3006.tmp
    Filesize

    1.9MB

    MD5

    88b05b6fb130c8d40fae9c66875c4166

    SHA1

    ffa1abff6f4b4ac8fc4b3defa14e2d9e03c6f377

    SHA256

    02a57f81f74c004530c6d4d1e3e88ffe5187fe4e88d9e7cf34761d667c0c49a2

    SHA512

    19e261c5a3d7a7ac9e9f4e3e2b66ef2812e4f9139015032827fe44ee94c3f272c391ca1c1d3dcb0c9f38f4effea09f510465e0d24975b14045b942d25d542055

    Download Submit

  • memory/2188-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2332-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download