6522ef8de1ededc0fc6be03443e72a00a151f484f777fcefbaa9ba34687379f0

Analysis

max time kernel
93s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
18-04-2024 14:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
Size

132KB
MD5

f82ed514f7663d3b398469e1cb80b78a
SHA1

05c565c11925c6a6f0821891da6f7f8330a6a302
SHA256

6522ef8de1ededc0fc6be03443e72a00a151f484f777fcefbaa9ba34687379f0
SHA512

59231cfaeafdee8788c1cbd9d063864cdd3d47f1623aa44b446df334e1c1964ff6125eeaaa276e157596367766dc14b188bf5780166c4acbdbb801ebed39b52a
SSDEEP

1536:3UUUUUUUUUUHdTD+vvvvvvvvvh+UUUUUUUC9mIkkkkkkTyhhhhhhhMa3KN2Y6Lqb:blN9RkkkkkkTLJ0Y6LFrpQQVQl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/1932-0-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral2/memory/1932-1-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral2/files/0x000a0000000233fc-6.dat	upx
behavioral2/memory/1932-20-0x0000000000400000-0x0000000000423000-memory.dmp	upx

Drops file in Windows directory 18 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Counter-Strike(crack).exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\FlatOut_serial.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\BattleField 1942 + trainer.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\UT2004 + hack.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 + nocd.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\UT2004 + hack.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\Doom 3 fix.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942_crack.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\DAoC_cheat.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\DAoC_cheat.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike(cheat).exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\BattleField 1942 + nocd.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\BattleField 1942_crack.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike(crack).exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\Counter-Strike(cheat).exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\FlatOut_serial.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Doom 3 fix.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
File created	C:\Windows\win32dc\Silent Hill 4 + serial.exe	f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f82ed514f7663d3b398469e1cb80b78a_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:1932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Counter-Strike(cheat).exe

Filesize
134KB

MD5
be5a6e010365527352a5d852bc61dfb8

SHA1
1e709f229f593d9174c248d3c26931c9c8cc6d50

SHA256
3925c54ffcf7d3410c5fa7c656e4a9aecc14c0a27d2dd4b60e95c1853e7cadc2

SHA512
2ac6dbad0cfae094e88a7eef247d1a8c32b91fd29d447bd9eeb6151fefa17ddb87675d076b9a2276b8f521ff6b0bec50fc60deb6a2752bfea623fd4310ac657d

Download Submit
memory/1932-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/1932-1-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/1932-20-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads