f2c77d01cc9241f08a71c22e01a094783f0b18c8e0de502588af14c2344e0965

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
20-04-2024 03:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
Size

136KB
MD5

fbd81db8ec3c46dc6093afbbdcaf9821
SHA1

efdb5c939d380c6172e7833b3e657f4e11a879cf
SHA256

f2c77d01cc9241f08a71c22e01a094783f0b18c8e0de502588af14c2344e0965
SHA512

14ecea7782de415c5396253d2a1f6d592a9644713e8da1c4f06fb781d26ef7e3c37e96cf65335985570770b3e89eb52b73753eeb3cdc97f5f7d529d0efd2175a
SSDEEP

3072:blN9RkkkkkkTLJ0YufKOpHuMSIzxJzef5V09629:5dkkkkkkZpOpHRSwrs5W629

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/592-0-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral2/memory/592-1-0x0000000000400000-0x0000000000423000-memory.dmp	upx
behavioral2/files/0x00080000000233d1-6.dat	upx
behavioral2/memory/592-20-0x0000000000400000-0x0000000000423000-memory.dmp	upx

Drops file in Windows directory 18 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\BattleField 1942 trainer.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 trainer.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\Counter-Strike + cdfix.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\FlatOut(nocd).exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\Doom 3(cheat).exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Sims 2 cdfix.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\Counter-Strike fix.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Silent Hill 4_serial.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\DAoC_crack.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\FlatOut(nocd).exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike + cdfix.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\UT2004 cheat.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Doom 3(cheat).exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\Sims 2 cdfix.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\DAoC hack.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\UT2004 cheat.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\Silent Hill 4_serial.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
File created	C:\Windows\win32dc\DAoC_crack.exe	fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fbd81db8ec3c46dc6093afbbdcaf9821_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Counter-Strike + cdfix.exe

Filesize
137KB

MD5
d6d4ce084ad6f3a7b7e1a3122d191841

SHA1
b845ccee741a2e854df34c3f1d2c9376f5be8778

SHA256
377a1421aefcdbbb926d2f78a2a0d43255750ba071c6c09e66cb3a558ec7c3ad

SHA512
bb8b6de76ccb38173edf6dd98538aa19d79fe209a3a3b2af5695bc035fa67ac0cadc285652b5ee72238e387cb39c270948f2d9ca166f6a7f9e61c120ef0f5c29

Download Submit
memory/592-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/592-1-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/592-20-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads