Overview

overview

7

Static

static

3

237ddffa37...18.exe

windows7-x64

7

237ddffa37...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    135s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/05/2024, 05:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    237ddffa3737f7014e265b87ec509046_JaffaCakes118.exe

  • Size

    384KB

  • MD5

    237ddffa3737f7014e265b87ec509046

  • SHA1

    cad230cdb2ca87ab510f3eec74e37bab52621044

  • SHA256

    2d0ebe84d9aafe41d234ad76376920493e7aba955013ada85c04facdf87c5632

  • SHA512

    86ea203394ff88417a33d1c11cf494daef53df40cb9b8df0c1c7676c42e0ac19a2102d4b8d32599207c17c6eed20b1c416ba10cd456f3d14728986228d1369d6

  • SSDEEP

    6144:3f5g6CgVaYQ25VTsY/PpR4m2iqGJCx5bbxs+5TkzYL6:3q6VVX5psY/n41iqlc+WQ6

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\237ddffa3737f7014e265b87ec509046_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\237ddffa3737f7014e265b87ec509046_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\jki3642.tmp
    Filesize

    265KB

    MD5

    5676334139484bbef8ad8a00cfcdfdb6

    SHA1

    b1ee4abcc65f7a27bacd6ae9881db0c14ade8935

    SHA256

    6aedfc9795e3487d0532ab8d23ea0c5a549cc884eedc650e1c3ad9469a2626ae

    SHA512

    f727bfc31d4adaea7f28752c22ce3496d19f24f19b162a1dbeea059662e8a326887a2a27e228cae4a2fce6f2f18e955958f2516b70227bfe1e476d9b98688f37

    Download Submit

  • memory/884-9-0x0000000006D80000-0x0000000006D8A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/884-5-0x0000000004AC0000-0x0000000004B08000-memory.dmp

    Filesize

    288KB

    Download

  • memory/884-6-0x00000000745D0000-0x0000000074D80000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/884-7-0x0000000007350000-0x00000000078F4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/884-8-0x0000000006DA0000-0x0000000006E32000-memory.dmp

    Filesize

    584KB

    Download

  • memory/884-1-0x00000000745DE000-0x00000000745DF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/884-10-0x00000000745D0000-0x0000000074D80000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/884-11-0x00000000745D0000-0x0000000074D80000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/884-12-0x000000000A2C0000-0x000000000A326000-memory.dmp

    Filesize

    408KB

    Download

  • memory/884-13-0x00000000745D0000-0x0000000074D80000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/884-22-0x000000000C920000-0x000000000D0C6000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/884-23-0x00000000745DE000-0x00000000745DF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/884-24-0x00000000745D0000-0x0000000074D80000-memory.dmp

    Filesize

    7.7MB

    Download