Overview

overview

7

Static

static

3

716562991f...18.exe

windows7-x64

7

716562991f...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    106s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/05/2024, 08:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    716562991fb6084fee5932260ea5a9b2_JaffaCakes118.exe

  • Size

    31.5MB

  • MD5

    716562991fb6084fee5932260ea5a9b2

  • SHA1

    6086c3cce0804925265fbfd73dadd78c71fd1d4c

  • SHA256

    add09e420855dd5b4c1089cf797cdf0d3e069c6ce6b4cae8fc63c0e18f348652

  • SHA512

    ea2b59fa6a39acc0f188055e5b6dabd40120a8df380d92b6d42c98e68d3c21d6bba9cde31fd17baa6428d4678dc4d8d4ad2eac6ab5d9b07a8f733954aa0f9618

  • SSDEEP

    393216:IlksRo1DhPxRt7288rnLs9j0Y3u2xFKpI7UGeBsoGH9MARlCnJw/xxNL9HrZjmd8:wkswbwYYJKVhZjcQ

Score
7/10

Malware Config

Signatures

  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 64 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\716562991fb6084fee5932260ea5a9b2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\716562991fb6084fee5932260ea5a9b2_JaffaCakes118.exe"
    1⤵
    • Checks BIOS information in registry
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4432

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4432-0-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-1-0x00007FFA91C90000-0x00007FFA91C92000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4432-3-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-4-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-5-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-6-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-7-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-8-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-9-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-10-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-11-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-12-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-13-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-14-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-15-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-16-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download

  • memory/4432-17-0x00007FF7C81E0000-0x00007FF7CAC9A000-memory.dmp

    Filesize

    42.7MB

    Download