Overview

overview

7

Static

static

3

416efd52a4...18.exe

windows7-x64

7

416efd52a4...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/05/2024, 12:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    416efd52a4cfe608accacd2dfec32899_JaffaCakes118.exe

  • Size

    62KB

  • MD5

    416efd52a4cfe608accacd2dfec32899

  • SHA1

    a0f2190baf3144d1fd559575e457236978d91946

  • SHA256

    2ca82e2ab1c69baa34c2102c71e6c742c4c640e495dea34b2c75d16dedca22f0

  • SHA512

    61c1a589291c227f595b503b9bc40b694b984fa76c24d70f0d1c4bf6993eaa60474ec5e81e5c1e3d15d8ac35d0ec2cec238d7648001585056672b837ea6a2f09

  • SSDEEP

    1536:bErPZ3IBZcbTfu1HlrJFCPcbPnLsOwPZm:GPC23aJFC0bPnLlwhm

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\416efd52a4cfe608accacd2dfec32899_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\416efd52a4cfe608accacd2dfec32899_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:2100

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\nst12E6.tmp\NSISdl.dll
          Filesize

          15KB

          MD5

          7caaf58a526da33c24cbe122e7839693

          SHA1

          7687112cb6593947226f8a8319d6e2d0cdef3b11

          SHA256

          19debdc4c0b6f5dc9582bda7a2c1146516f683e8d741190e6d4b81ad10b33f61

          SHA512

          aafd0cb2abb3d2dee95c2d037a6a1a5bff0518e3210ced0c39e6d6696e4fab4734df01476fe9dcb208f02c529cd03346bc8b7f3319ae49701bbf2cb453d59bae

          Download Submit