Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
-
submitted
20-05-2024 17:37
General
-
Target
6058db89a4f5614808a8e1a7ac77caab_JaffaCakes118.exe
-
Size
212KB
-
MD5
6058db89a4f5614808a8e1a7ac77caab
-
SHA1
c1f726a5a96ef80fcdba7e60a64770f0802a8b0b
-
SHA256
766e7abb4b88bebb9923b9657a446a0bb6be847d5d4c4be046ed248b9136626d
-
SHA512
e74d635e2b26d7fc00419f8c747c84ddc9e3f8dfebaa8b60e6d4d187de930883c7e303fa400051a50bc2fb5ecf9ff5c3c48e9c6b9b404418529ddc84370620e5
-
SSDEEP
3072:tpBIXcL1Iy+6Ak9lN5hnY7CQJPQTTlO9rlHSzQlufVWeoZgPU05kAv1emq4rOS:tXL1Z+l8RRQRyTA95SjWerd5OkO
Score
10/10
Malware Config
Signatures
-
GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\6058db89a4f5614808a8e1a7ac77caab_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\6058db89a4f5614808a8e1a7ac77caab_JaffaCakes118.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2424-1-0x00000000004D0000-0x00000000005D0000-memory.dmpFilesize
1024KB
-
memory/2424-3-0x0000000000400000-0x000000000043C000-memory.dmpFilesize
240KB
-
memory/2424-2-0x00000000002B0000-0x00000000002E8000-memory.dmpFilesize
224KB
-
memory/2424-4-0x0000000000400000-0x0000000000448000-memory.dmpFilesize
288KB
-
memory/2424-5-0x00000000004D0000-0x00000000005D0000-memory.dmpFilesize
1024KB
-
memory/2424-7-0x0000000000400000-0x000000000043C000-memory.dmpFilesize
240KB