Overview

overview

7

Static

static

3

3ea09bb5b4...18.exe

windows7-x64

7

3ea09bb5b4...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    110s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-05-2024 08:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118.exe

  • Size

    469KB

  • MD5

    3ea09bb5b47a7e7dd88ae7a01ba48ee4

  • SHA1

    eb01c151225c699d0122cf3cbbf2808c190e36c7

  • SHA256

    23d09307ae079c2f2c1519e3e8df5f02faead44914b990cdab749519a9a8bca2

  • SHA512

    88308a9764baf50337863c009fe088d9ca02e2df81e2ef5bea940189fd80995dcc8fab2edd1ecd0e95f136cdb6adcdfee6a9e897f6182894857bab44d5747ae0

  • SSDEEP

    12288:KHPy7OCX0K0GJMFtJjYu2gX/cwzD3vXM9GcHU:K67OI0K0GktpYul/TzD/X3c0

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3ea09bb5b47a7e7dd88ae7a01ba48ee4_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:3088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\ogi3C8C.tmp
    Filesize

    172KB

    MD5

    fe763c2d71419352141c77c310e600d2

    SHA1

    6bb51ebcbde9fe5556a74319b49bea37d5542d5e

    SHA256

    7fdf10ca02d2238e22fda18dfbede9750da9f257221802c8b86c557c19c9bc7b

    SHA512

    147b3a525b1fef98ae46923dcbe25edfcf7b523f347857466eefa88f09ec053ba309dfbee5f1454ec64aba0518ee21986c4b6a506f8550efb1163c8f04d7482c

    Download Submit

  • memory/3088-0-0x0000000000400000-0x000000000044D000-memory.dmp

    Filesize

    308KB

    Download

  • memory/3088-8-0x0000000000A70000-0x0000000000AE3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/3088-7-0x0000000000A70000-0x0000000000AE3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/3088-9-0x0000000000A70000-0x0000000000AE3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/3088-10-0x0000000000400000-0x000000000044D000-memory.dmp

    Filesize

    308KB

    Download