Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    23-05-2024 02:18

General

  • Target

    696c3d8f6500126632a6e52e39d37c1c_JaffaCakes118.exe

  • Size

    36KB

  • MD5

    696c3d8f6500126632a6e52e39d37c1c

  • SHA1

    54ebe396a8be09091458fa6a8198148286cf82f2

  • SHA256

    9fc9d06cf962da61f3e45f7200bb78584f926befe473000a9ae05b9ab0901ff6

  • SHA512

    b1a803be3b488cb65e2fadd5651bb95f8802b93c8dff509e73a152a33e0d17f4eab90f44543b9c999b76dee1636eb122a119b3a4373b1f7d28d6743375f641b8

  • SSDEEP

    384:68eC2SR8G8zrMh2wbgMllYfVfZRQldiWzRIbSRGc:YynhPs0YfulgWFOSRj

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\696c3d8f6500126632a6e52e39d37c1c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\696c3d8f6500126632a6e52e39d37c1c_JaffaCakes118.exe"
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2624

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\elementwlwz.dll
    Filesize

    15KB

    MD5

    d838f9f894c3ec48f6c0ad7afd198382

    SHA1

    03d748266cf4dd8ee331b74bf7a38c3558af09a6

    SHA256

    4d8f9faf08bc5ae50706c9de8ee0011c3c8fb34b2bedcac1ee7faac26ce55a3d

    SHA512

    a992f9bca27c8bee69d0a6901114aa2312cd37f805320b80d62ef9a3d8f8faa2fa701382bf6ff6763b9c353e3cdd36f621446a042726f37b0957e912824be346