Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    18-04-2024 04:43

General

  • Target

    f74a949273e2b4d0d00c1e4b45a36ac9_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    f74a949273e2b4d0d00c1e4b45a36ac9

  • SHA1

    925883a367bbe2fb39b43663dcb325791563683d

  • SHA256

    c42456c3efc4133cfd8a4b8e1fb064141c0ec452441cdd8215c8e9236bd5234d

  • SHA512

    16a7710c89f3639ecc73000e44735607cc18fbe086f0de3db57c5929caba848cc25cc0d178a1ed1c7bc70c1103771a613d7824f0d9bfd18f1c3291f0852e7530

  • SSDEEP

    24576:VXaRicFDnikUa0BVdybnnavdZ7VESwGMx0/J20Kczyiz25:J6ikU0bnaT7VESGIJ20Kcz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f74a949273e2b4d0d00c1e4b45a36ac9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f74a949273e2b4d0d00c1e4b45a36ac9_JaffaCakes118.exe"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious behavior: RenamesItself
    • Suspicious use of SetWindowsHookEx
    PID:2056

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2056-0-0x0000000000400000-0x000000000057B000-memory.dmp

    Filesize

    1.5MB

  • memory/2056-1-0x0000000000360000-0x0000000000362000-memory.dmp

    Filesize

    8KB

  • memory/2056-4-0x0000000000400000-0x000000000057B000-memory.dmp

    Filesize

    1.5MB

  • memory/2056-5-0x00000000003E0000-0x00000000003E2000-memory.dmp

    Filesize

    8KB

  • memory/2056-28-0x0000000000400000-0x000000000057B000-memory.dmp

    Filesize

    1.5MB