Analysis

  • max time kernel
    142s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/05/2024, 21:31

General

  • Target

    886a56b8797e7f4d4827d514240fb031_JaffaCakes118.exe

  • Size

    4.8MB

  • MD5

    886a56b8797e7f4d4827d514240fb031

  • SHA1

    f8542f0b3fad3ad81e9b3125e0016402cf6bd443

  • SHA256

    3464ada7756b0d86c23a4be5dd79653d3725aa77bd0376c352f47bcdc5d78d99

  • SHA512

    8b215053418aa2e5e43b2f08490fc1dfa519deba34776b22be53b3be07bd4003b822cb8b6c553c9cae31d455eedc84cc3a866dae010e4fc8baeb5483e4a4863c

  • SSDEEP

    98304:kQn4JI3qGf9eTq7wFE+poj14BfJ4i9GChW4jgEfxLyNfrN2xyI:jNf9eTqUi+6yBfJdh9gEfxQxcyI

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\886a56b8797e7f4d4827d514240fb031_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\886a56b8797e7f4d4827d514240fb031_JaffaCakes118.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1440

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Archivos de programa\POOLMDP - Ventas\Actualizador.exe

    Filesize

    1.7MB

    MD5

    179723f68097a5393d500fb0f6a1df80

    SHA1

    b6be352431f1085cb8b4dce013aea0870b3f2ddf

    SHA256

    486cd452e402432281f24666d36512c0d389e23df101690353d29ce22cc64700

    SHA512

    c99b0d4179764968e3a607486b0bfe9617f4e7346abf1e435d56634bbd17296e64160b3df501fe39f49c6ba80891b6c16456e9c91b3a8541d9c9d2af8362713d

  • memory/1440-99-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB