Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27/05/2024, 21:16

General

  • Target

    7a8d57767cd4b2d57e1a50697aa78c56_JaffaCakes118.exe

  • Size

    120KB

  • MD5

    7a8d57767cd4b2d57e1a50697aa78c56

  • SHA1

    2b64b048da5f72c16c7024f63249b81bdd76344b

  • SHA256

    da65565b09e9e6422eca3e5264a80ec02401dcaca942876794a7aad0f63a1e29

  • SHA512

    631a171e92d96ff0b450db8222a586ae99804d0173bbed67ef290f1e62f49e8f4c6f5b186764d2f8b23f0d2f5369cc5d669412fd1c0fd43c5760420a1e0d3d8d

  • SSDEEP

    3072:XCunH3YQ4TgvMvPQQeqgKJ+BCR20T6j5a09N:XCAX3vMvPQEgKdN6j5D

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a8d57767cd4b2d57e1a50697aa78c56_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7a8d57767cd4b2d57e1a50697aa78c56_JaffaCakes118.exe"
    • Loads dropped DLL
    PID:4324

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsr56CC.tmp\INetC.dll

    Filesize

    24KB

    MD5

    640bff73a5f8e37b202d911e4749b2e9

    SHA1

    9588dd7561ab7de3bca392b084bec91f3521c879

    SHA256

    c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

    SHA512

    39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

  • C:\Users\Admin\AppData\Local\Temp\nsr56CC.tmp\System.dll

    Filesize

    16KB

    MD5

    c8ffec7d9f2410dcbe25fe6744c06aad

    SHA1

    1d868cd6f06b4946d3f14b043733624ff413486f

    SHA256

    50138c04dc8b09908d68abc43e6eb3ab81e25cbf4693d893189e51848424449f

    SHA512

    4944c84894a26fee2dd926bf33fdf4523462a32c430cf1f76a0ce2567a47f985c79a2b97ceed92a04edab7b5678bfc50b4af89e0f2dded3b53b269f89e6b734b

  • C:\Users\Admin\AppData\Local\Temp\nsr56CC.tmp\nsDialogs.dll

    Filesize

    11KB

    MD5

    da979fedc022c3d99289f2802ef9fe3b

    SHA1

    2080ceb9ae2c06ab32332b3e236b0a01616e4bba

    SHA256

    d6d8f216f081f6c34ec3904ef635d1ed5ca9f5e3ec2e786295d84bc6997ddcaa

    SHA512

    bd586d8a3b07052e84a4d8201945cf5906ee948a34806713543acd02191b559eb5c7910d0aff3ceab5d3b61bdf8741c749aea49743025dbaed5f4c0849c80be6

  • memory/4324-37-0x0000000000400000-0x0000000000471000-memory.dmp

    Filesize

    452KB

  • memory/4324-39-0x0000000063140000-0x000000006314B000-memory.dmp

    Filesize

    44KB

  • memory/4324-38-0x0000000064540000-0x000000006454A000-memory.dmp

    Filesize

    40KB