Overview

overview

6

Static

static

1

411ee6851b...18.exe

windows7-x64

6

411ee6851b...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-05-2024 10:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    411ee6851b5b6f7a911ec0ba982283eb_JaffaCakes118.exe

  • Size

    241KB

  • MD5

    411ee6851b5b6f7a911ec0ba982283eb

  • SHA1

    212e4deee6f67abac8bccce6aad49f31812c6449

  • SHA256

    157fed21dc522d91382f17c2d667de4f62fb2a5233ba2454cf6438bc12e330c1

  • SHA512

    14f62493e07adb96add1ee3c77e7016a6f83cfb6246ec7214c047d5e49c1261206e579b506c38c102f6f4b20eef9b8e9b6421a2b114ede17dfbc0b69d9e49486

  • SSDEEP

    6144:K3bHS0G6hiqMf1EGVFx6TwRRn03GHT9u4MPsPHkszs5s/B5:K3K68Zft2GzY70PHH7/r

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\411ee6851b5b6f7a911ec0ba982283eb_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\411ee6851b5b6f7a911ec0ba982283eb_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2864

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\mm_231B.tmp\log.txt
    Filesize

    536B

    MD5

    4041ea5ef876c456608b77edbb3a9c13

    SHA1

    f1dc946045e66f07a4ea172930f3249a0b48ef0f

    SHA256

    1231f354cf4c27620eee24ad0768a2b3473834553f58fb5a77f9ce79e22ba5eb

    SHA512

    42a8c738db59d69ca3b7d080dc88c2282fd6c0cc128bdcc62c07059e4d2daa51c18b8a477852f70932e6f7e5dbb8f9187c906df2684e623632a992879a7adc52

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mm_231B.tmp\log.txt
    Filesize

    1KB

    MD5

    d7247e7aa09046514aae0abd2015aea8

    SHA1

    0fb1123edf066dc99df068f90f33f7f1dd7a4051

    SHA256

    7519cbe192c14ad27d986f914bf85a3eae7299b156ad43ad6721897a6d78972e

    SHA512

    d61f9ce6f79a579b02fa77915bcd796ce209a43c117257f2543ebde6d2318fb4c6287ffc5f1d5266f5abc3875268bf8a337b05a2ecb6594b7e3e47caa9e63dfe

    Download Submit

  • memory/2864-26-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-0-0x000000007EEC0000-0x000000007EEC1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-6-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-1-0x000000007EEB0000-0x000000007EEB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-3-0x000000007EEA0000-0x000000007EEA1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-29-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-39-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-42-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-38-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-2-0x000000007EFA0000-0x000000007EFA8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2864-59-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2864-60-0x0000000020500000-0x000000002058F000-memory.dmp

    Filesize

    572KB

    Download