Overview

overview

6

Static

static

1

679e4653fa...18.exe

windows7-x64

6

679e4653fa...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    679e4653fae3d5ab87db8eccf154e9cb_JaffaCakes118.exe

  • Size

    1.2MB

  • MD5

    679e4653fae3d5ab87db8eccf154e9cb

  • SHA1

    d5c48fdca60c8a792d6ce1f95f0e7249fc26a3ae

  • SHA256

    1b32e8aa34f2c6d5cfaf387662778fba8bef067cc8acdd045323cfc9b38e4aa7

  • SHA512

    1fd019e73ca7a69935f84f2c8af6bf2a71ebf8f23d318ed8a3572ac61dcbbea935413f794e35bd2b596181b46132bb608573b3df31869a246ca304519faa8f00

  • SSDEEP

    3072:4sMus7JQSAr0bxgdXeE5tXvR1U06p2sv/7sTPsHNkRRtvfy+WBq4tvqlGvVvR2XT:42sGSA3OitRO06osv/7mny+WqlGtszP

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\679e4653fae3d5ab87db8eccf154e9cb_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\679e4653fae3d5ab87db8eccf154e9cb_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    PID:2896

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2896-0-0x00000000000F0000-0x00000000000F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-3-0x0000000000120000-0x0000000000121000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-2-0x0000000000110000-0x0000000000111000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-1-0x0000000000100000-0x0000000000101000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-4-0x0000000000130000-0x0000000000131000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-5-0x0000000000180000-0x00000000001AF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2896-10-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-9-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2896-16-0x00000000002A0000-0x00000000002A1000-memory.dmp

    Filesize

    4KB

    Download