Overview

overview

6

Static

static

1

7b091d36b2...18.exe

windows7-x64

6

7b091d36b2...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/05/2024, 00:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7b091d36b24c1b33e3a10ff59421d989_JaffaCakes118.exe

  • Size

    12.2MB

  • MD5

    7b091d36b24c1b33e3a10ff59421d989

  • SHA1

    d139399e2ccf052e2c5a4c3ff821cf41efcaacb3

  • SHA256

    d7e3ec034b2453f8c332634be4d0dc22fb133ab8d75a72d05fd16881f76cf2ef

  • SHA512

    8a84e5d36623075efa2925c67b4ca1574bc8fb19d26d03944b1c6014af10fc2391e6aa8c22dace12ee0f53f86c4908117baf6d54e5fb925fe879213784176ddf

  • SSDEEP

    196608:Md+5boxGEzRmVQYa8332DAhcZvZdrkBAfe5ZtubUtBvk0NqThkRC41AaObQw5Ai:MsE3U33KdZfXwtNNqqLOb7

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7b091d36b24c1b33e3a10ff59421d989_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7b091d36b24c1b33e3a10ff59421d989_JaffaCakes118.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    • Suspicious use of SetWindowsHookEx
    PID:1948

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads