Overview

overview

7

Static

static

1

7782f29214...18.exe

windows7-x64

7

7782f29214...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    154s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/05/2024, 01:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7782f29214c572cac584254d4063c0b4_JaffaCakes118.exe

  • Size

    17.4MB

  • MD5

    7782f29214c572cac584254d4063c0b4

  • SHA1

    b9bea15d9986975c47e92cbbd7e0bd39f502ac63

  • SHA256

    b010f6cef75c33e294d289c28c0b3d407df9277e9c4abf05f8b62ccd9912f9dc

  • SHA512

    cfd276bc941ae6dcd0ed628a3c6267020242d3a239b00051d913e03c34f1304b0a124f20423520260d6cf11263c8db661106575f7bd69b79d6a93c62478cb5fb

  • SSDEEP

    393216:NNWRRs7WBhKvnPsNNkPpjHTPuPw6q4o8G3hgdsQ6lLe8fZc0oP:NYk7uofPsHkPhHQlq47GRq60/HP

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7782f29214c572cac584254d4063c0b4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7782f29214c572cac584254d4063c0b4_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Users\Admin\AppData\Local\Temp\is-J9CE3.tmp\7782f29214c572cac584254d4063c0b4_JaffaCakes118.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-J9CE3.tmp\7782f29214c572cac584254d4063c0b4_JaffaCakes118.tmp" /SL5="$90116,17910329,57856,C:\Users\Admin\AppData\Local\Temp\7782f29214c572cac584254d4063c0b4_JaffaCakes118.exe"
      2⤵
      • Executes dropped EXE
      PID:2056
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3572 --field-trial-handle=2280,i,1836084024518340990,18250262151825427757,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:3860

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\is-J9CE3.tmp\7782f29214c572cac584254d4063c0b4_JaffaCakes118.tmp
            Filesize

            702KB

            MD5

            6a4494ccea512f61f234d0e05c4f79a1

            SHA1

            6a884288ae686fe35c996ffbb5bf4f098848192c

            SHA256

            87832cf953f5c8f5aafc1391ea63a01fc5f2bef4320870f0984b67ea5aed5ce1

            SHA512

            d0271d3a0a3604f86383d7e6a7832e788fc1f2dbd6caa331e8b47fdea0bfcb7a03fdefed793cb4c0f9d9d8bc5862c3b68ba16b4cfaabdf508cfc3db08940a789

            Download Submit

          • memory/2056-7-0x0000000000400000-0x00000000004BE000-memory.dmp

            Filesize

            760KB

            Download

          • memory/2056-9-0x0000000000400000-0x00000000004BE000-memory.dmp

            Filesize

            760KB

            Download

          • memory/3040-0-0x0000000000400000-0x0000000000415000-memory.dmp

            Filesize

            84KB

            Download

          • memory/3040-2-0x0000000000401000-0x000000000040C000-memory.dmp

            Filesize

            44KB

            Download

          • memory/3040-6-0x0000000000400000-0x0000000000415000-memory.dmp

            Filesize

            84KB

            Download

          • memory/3040-10-0x0000000000400000-0x0000000000415000-memory.dmp

            Filesize

            84KB

            Download