Analysis
max time kernel: 149s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240426-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09-05-2024 00:26
Behavioral task: behavioral1
Sample: 276dcfa5d18b84e959161e03f475ed28_JaffaCakes118.dll
Resource: win7-20231129-en, windows7-x64
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 276dcfa5d18b84e959161e03f475ed28_JaffaCakes118.dll
Resource: win10v2004-20240426-en, windows10-2004-x64
1 signatures
150 seconds
General
Target: 276dcfa5d18b84e959161e03f475ed28_JaffaCakes118.dll
Size: 1.2MB
MD5: 276dcfa5d18b84e959161e03f475ed28
SHA1: 267926f2d1bcbd06428dca411329f73f52c51e34
SHA256: 06fd2ee1d0157279ca929e205d74ff68e2b66446e24e11615b73fd4969ac1b97
SHA512: da7e1cdec732827d3a5afa4edafb1717617ce6f3fee875730322e05761be15a410117ad6c5c0e7a90731b7709cdd85316caa3472fe8be0c842f1e719337b6a11
SSDEEP: 24576:JTbGEVij4Chm/jeZCRLWlgYK9KajXNkSfA2VNdJgVia/665ClgFkU0S:0E/e6Tf9KajXNkSf1VNdjqCqFcS
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 760 wrote to memory of 4492 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 4492 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 4492 | 760 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\276dcfa5d18b84e959161e03f475ed28_JaffaCakes118.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\276dcfa5d18b84e959161e03f475ed28_JaffaCakes118.dll,#12