42ffc4030d34d874865254159034b7cc68074e3ce9f2827626d1951c5dc3ea9d

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
21-04-2024 10:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe
Size

6.2MB
MD5

ff19c1da18a87b195d216e098fd45f7d
SHA1

39a2c2fcf655ea0ae05214a7caa75fa48ee58764
SHA256

42ffc4030d34d874865254159034b7cc68074e3ce9f2827626d1951c5dc3ea9d
SHA512

4669e3ba063f2cafcc19a426b9d7cb9e969c1c6d3ef91577c18ea720c6ef443d2164f993712ae79f4b2ec94dabec6289675eade2ff8609e741fc1373d7054d28
SSDEEP

98304:EcKGTf6NuxGTf65f6wGTf65f66iGTf65f6wGTf6+:Ezk4+4j4++

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3448	deb.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3448	deb.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
3448	deb.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3448	deb.exe
3448	deb.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3024 wrote to memory of 3448	3024	ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe	87
PID 3024 wrote to memory of 3448	3024	ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe	87
PID 3024 wrote to memory of 3448	3024	ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe	87

C:\Users\Admin\AppData\Local\Temp\ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3024
- C:\Users\Admin\AppData\Local\Temp\deb.exe
  C:\Users\Admin\AppData\Local\Temp\deb.exe -run C:\Users\Admin\AppData\Local\Temp\ff19c1da18a87b195d216e098fd45f7d_JaffaCakes118.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:3448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\deb.exe

Filesize
6.3MB

MD5
77820c2ca7cf24e2b42f0ce64b8169f2

SHA1
fb60c20f1e066d930ecce00f149308a5a00f3172

SHA256
e30e4fbc21951ae7b8d949794685043b5b2a526e4a95b25cdd7518173feb587b

SHA512
4ef7c87c21357dc0c08956664e5865e1bab28b4ede104aba0176b4115049495982d2b978493f911c7eaac0786215b9dd1d927ba8fa787fb663f6af739c989dfd

Download Submit
memory/3024-13-0x0000000002520000-0x0000000002521000-memory.dmp

Filesize
4KB

Download
memory/3024-4-0x00000000022C0000-0x00000000022C1000-memory.dmp

Filesize
4KB

Download
memory/3024-14-0x00000000024E0000-0x00000000024E1000-memory.dmp

Filesize
4KB

Download
memory/3024-5-0x0000000002450000-0x0000000002451000-memory.dmp

Filesize
4KB

Download
memory/3024-15-0x00000000024D0000-0x00000000024D1000-memory.dmp

Filesize
4KB

Download
memory/3024-6-0x00000000022B0000-0x00000000022B1000-memory.dmp

Filesize
4KB

Download
memory/3024-8-0x0000000002430000-0x0000000002431000-memory.dmp

Filesize
4KB

Download
memory/3024-16-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/3024-9-0x0000000002480000-0x0000000002481000-memory.dmp

Filesize
4KB

Download
memory/3024-11-0x0000000002460000-0x0000000002461000-memory.dmp

Filesize
4KB

Download
memory/3024-12-0x0000000002D60000-0x0000000002D62000-memory.dmp

Filesize
8KB

Download
memory/3024-27-0x00000000025A0000-0x00000000025A1000-memory.dmp

Filesize
4KB

Download
memory/3024-3-0x00000000022D0000-0x00000000022D1000-memory.dmp

Filesize
4KB

Download
memory/3024-2-0x0000000002470000-0x0000000002471000-memory.dmp

Filesize
4KB

Download
memory/3024-10-0x0000000002D70000-0x0000000002D71000-memory.dmp

Filesize
4KB

Download
memory/3024-17-0x00000000024C0000-0x00000000024C1000-memory.dmp

Filesize
4KB

Download
memory/3024-1-0x00000000022E0000-0x0000000002330000-memory.dmp

Filesize
320KB

Download
memory/3024-18-0x00000000024F0000-0x00000000024F1000-memory.dmp

Filesize
4KB

Download
memory/3024-19-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/3024-24-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/3024-23-0x0000000002540000-0x0000000002541000-memory.dmp

Filesize
4KB

Download
memory/3024-26-0x00000000022E0000-0x0000000002330000-memory.dmp

Filesize
320KB

Download
memory/3024-25-0x00000000025E0000-0x00000000025E1000-memory.dmp

Filesize
4KB

Download
memory/3024-28-0x0000000002D50000-0x0000000002D56000-memory.dmp

Filesize
24KB

Download
memory/3024-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/3448-35-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

Filesize
4KB

Download
memory/3448-50-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-32-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/3448-31-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/3448-34-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/3448-33-0x0000000002680000-0x0000000002681000-memory.dmp

Filesize
4KB

Download
memory/3448-29-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/3448-37-0x0000000002C50000-0x0000000002C56000-memory.dmp

Filesize
24KB

Download
memory/3448-36-0x0000000002C70000-0x0000000002C71000-memory.dmp

Filesize
4KB

Download
memory/3448-38-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-41-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-40-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-39-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-43-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-42-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-44-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-45-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-46-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-47-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-48-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-49-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-30-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

Filesize
4KB

Download
memory/3448-51-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-53-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-52-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-54-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-55-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-56-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-57-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-58-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-59-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-60-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3448-62-0x0000000002D00000-0x0000000002D01000-memory.dmp

Filesize
4KB

Download
memory/3448-61-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/3448-63-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/3448-65-0x00000000007A0000-0x00000000007A1000-memory.dmp

Filesize
4KB

Download
memory/3448-68-0x0000000002C90000-0x0000000002C91000-memory.dmp

Filesize
4KB

Download
memory/3448-67-0x0000000002CA0000-0x0000000002CA1000-memory.dmp

Filesize
4KB

Download
memory/3448-66-0x00000000007C0000-0x00000000007C1000-memory.dmp

Filesize
4KB

Download
memory/3448-64-0x0000000002D10000-0x0000000002D11000-memory.dmp

Filesize
4KB

Download
memory/3448-81-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download