Overview

overview

7

Static

static

3

fd9ff5560c...18.exe

windows7-x64

7

fd9ff5560c...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    20/04/2024, 20:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fd9ff5560c699d1081f430440668e9b4_JaffaCakes118.exe

  • Size

    1.9MB

  • MD5

    fd9ff5560c699d1081f430440668e9b4

  • SHA1

    5f2a533e18179bc2d3bc794b31b8ad51bfc60958

  • SHA256

    7f0489f87db8a1684d4cdd45a9b39c4d542ff1f97e1d0b64a55c72249913e295

  • SHA512

    69e7a9856f1edb3125b49250849eec5b66b71863266281576bc980eea22875f022d373d4aa4054636f0aa0f8d9325212766c9ac3c893a679a82101703693b8dc

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dYHB4oTexpwqoaHNVoND2imY+OokCFBK+RFqr:Qoa1taC070dwhC/FHHoNHmYrFCBoYyd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fd9ff5560c699d1081f430440668e9b4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fd9ff5560c699d1081f430440668e9b4_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:384
    • C:\Users\Admin\AppData\Local\Temp\17B5.tmp
      "C:\Users\Admin\AppData\Local\Temp\17B5.tmp" --splashC:\Users\Admin\AppData\Local\Temp\fd9ff5560c699d1081f430440668e9b4_JaffaCakes118.exe 57B7548501D3434DC61773A47D223F215A27828A149B8E7A9796FFDD105818063368C2ADCD9E49F5E29F634B773E8EF2A8B7F2C145154815D850B91AB6ACA215
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2296

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\17B5.tmp
          Filesize

          1.9MB

          MD5

          d840132684cb7b8f2b099cb5b8d59c21

          SHA1

          9bbbca1edb075ed4d3b71b73b52d9b87709e2b1d

          SHA256

          1f72af597f5004d5a77903b9f6662f3109fd8f478be0085777fab6450c7ef44b

          SHA512

          38edb5b5158d297f6eb4bd6ded8b7844bc7a6db46cc3123a986ff552e4ff28d887a3fcb8f7484f73fe893d8fd0af3c810b063748b2d474a9cb91b2e11dc56d48

          Download Submit

        • memory/384-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2296-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download