Analysis
max time kernel: 139s
max time network: 101s
platform: windows10-2004_x64
resource: win10v2004-20240419-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240419-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30-04-2024 01:53
Behavioral task
behavioral1
Sample
08c1fa98964b3c2191238c7aa3134f86_JaffaCakes118.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
08c1fa98964b3c2191238c7aa3134f86_JaffaCakes118.dll
Resource
win10v2004-20240419-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: 08c1fa98964b3c2191238c7aa3134f86_JaffaCakes118.dll
Size: 1.1MB
MD5: 08c1fa98964b3c2191238c7aa3134f86
SHA1: 9ba8853ebd69b0fc7c7181aadcac6a313ee0a431
SHA256: 048430d6071abaabb7dc29ace20a49f040407c879ee04fe99321e8d511471df5
SHA512: dd2c38c2ed76648831e5034b7bb1b0b7f95f0489c6b59cf3aae97b896655743bc3664a0f3ea71cc6e080f648f32fc84f1fc5bd953a4d5c0dc231c98e74b4cbff
SSDEEP: 24576:7bba91q6btoq63x1Exf1cfhUSnIaWA62IekSXp5rPfxWxa1Vv:7azbtScVafhU6IvA68kA3+6Vv
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 3376 wrote to memory of 2244 | 3376 | rundll32.exe | rundll32.exe
PID 3376 wrote to memory of 2244 | 3376 | rundll32.exe | rundll32.exe
PID 3376 wrote to memory of 2244 | 3376 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\08c1fa98964b3c2191238c7aa3134f86_JaffaCakes118.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\08c1fa98964b3c2191238c7aa3134f86_JaffaCakes118.dll,#12