Overview

overview

10

Static

static

3

f9387f159f...18.exe

windows7-x64

10

f9387f159f...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-04-2024 01:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9387f159f97d49649d1e6b34802dd3f_JaffaCakes118.exe

  • Size

    136KB

  • MD5

    f9387f159f97d49649d1e6b34802dd3f

  • SHA1

    b0f8090cb04a59d08e355553162a7fad645a3a4e

  • SHA256

    0af20465dac642791831be79702b7c4cbf204f170b8441ab001a7519eb6dc45c

  • SHA512

    e6a507398a4ed6279212c670ede75c25f47e82a04ef86f9f2ce7fb9fd64879a1c9bac17eaa2a0fe04bd5778d6da1167458f6716a984273820111daa70589f92c

  • SSDEEP

    1536:Y2lBo3b3rcKZQTQ08vL0xi+1PMg5nIFvkUQrsn78FseZ/MbzU5x+AMe:YIOszQXvYxvMzBrnIWeZ/Hb5

Score
10/10
guloaderdownloader

Malware Config

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

    downloaderguloader
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f9387f159f97d49649d1e6b34802dd3f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f9387f159f97d49649d1e6b34802dd3f_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2812

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2812-2-0x0000000004AF0000-0x0000000004B04000-memory.dmp
    Filesize

    80KB

    Download