Analysis

  • max time kernel
    144s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    19/04/2024, 04:39

General

  • Target

    f98699b14920260d75462a9839615eee_JaffaCakes118.doc

  • Size

    1.3MB

  • MD5

    f98699b14920260d75462a9839615eee

  • SHA1

    4e4e2fd4ecf6d07f775f0bab453d13301f8a29ad

  • SHA256

    f1a4a20953699eae11ba3258b1101a7b0e150be165ef0d0a157620a17ba924bb

  • SHA512

    facb77171ffb73286d73fb5e370328a9270aa10a12776e45b7c46298ca3651a0f6d9a6b66b703ff53f275ce90d8dbc01d15698f4663c87444e91999ba4fde678

  • SSDEEP

    24576:hWQaVakwsrdGydXVfi12J8nCUwSq8N4oFnAsayLMPPQZZdsCBrItG:EQa2srdbdlf/SoSRFnLMPPQ+SrI8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\f98699b14920260d75462a9839615eee_JaffaCakes118.doc"
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2212

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/2212-0-0x000000002FE01000-0x000000002FE02000-memory.dmp

          Filesize

          4KB

        • memory/2212-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

          Filesize

          64KB

        • memory/2212-2-0x000000007138D000-0x0000000071398000-memory.dmp

          Filesize

          44KB

        • memory/2212-5-0x000000007138D000-0x0000000071398000-memory.dmp

          Filesize

          44KB