Overview

overview

5

Static

static

3

a13ba0c1fd...18.exe

windows7-x64

5

a13ba0c1fd...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe

  • Size

    571KB

  • MD5

    a13ba0c1fdbad7648de9e93a4aaa17f6

  • SHA1

    46ab2afaa7e289be5eb4bd3626be8144defb532a

  • SHA256

    807b3866f5bf73d6d441d67a080ddb825de6b099f46f43b3a693c7f8d089ef03

  • SHA512

    e5944285b22af01af3de441b68539d890e32e043387f7f8bc445ce4482ae1ec157bc0ad8ceb6d5198d2fa1f1d33f30efedcc9902fdb360d06a3b0823079551f9

  • SSDEEP

    6144:jRwfqUKDPM5x3/nHFGpkg+p3F2wN2tjbTwxcueNrXa1DTgjAuJqaLe8tx8IZfL:W/nl99dF/2XUcVNrK1DTgS7TIZT

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1748-0-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-1-0x00000000022F0000-0x0000000002332000-memory.dmp

    Filesize

    264KB

    Download

  • memory/1748-2-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-4-0x0000000000630000-0x0000000000631000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1748-3-0x00000000022F0000-0x0000000002332000-memory.dmp

    Filesize

    264KB

    Download

  • memory/1748-5-0x0000000000402000-0x000000000044B000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1748-7-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-6-0x0000000076CE0000-0x0000000076EF5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1748-8-0x00000000768C0000-0x0000000076B41000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1748-9-0x0000000076F00000-0x0000000076FE3000-memory.dmp

    Filesize

    908KB

    Download

  • memory/1748-11-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-10-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-12-0x0000000072960000-0x00000000729E9000-memory.dmp

    Filesize

    548KB

    Download

  • memory/1748-13-0x0000000004D20000-0x00000000052C4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1748-14-0x00000000052D0000-0x0000000005362000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1748-15-0x0000000076010000-0x00000000765C3000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/1748-16-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-17-0x00000000053A0000-0x00000000053AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1748-18-0x0000000070620000-0x0000000070830000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1748-19-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-23-0x0000000075F40000-0x0000000075FBB000-memory.dmp

    Filesize

    492KB

    Download

  • memory/1748-25-0x00000000755B0000-0x000000007566F000-memory.dmp

    Filesize

    764KB

    Download

  • memory/1748-28-0x0000000074EB0000-0x0000000074F02000-memory.dmp

    Filesize

    328KB

    Download

  • memory/1748-26-0x0000000076720000-0x00000000767DF000-memory.dmp

    Filesize

    764KB

    Download

  • memory/1748-24-0x0000000075740000-0x0000000075860000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1748-21-0x0000000076CE0000-0x0000000076EF5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1748-22-0x0000000075FE0000-0x0000000076004000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1748-30-0x00000000768C0000-0x0000000076B41000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1748-35-0x0000000074680000-0x0000000074688000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1748-34-0x0000000074690000-0x000000007469F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1748-33-0x00000000746A0000-0x000000007472D000-memory.dmp

    Filesize

    564KB

    Download

  • memory/1748-41-0x0000000075670000-0x0000000075689000-memory.dmp

    Filesize

    100KB

    Download

  • memory/1748-44-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-42-0x0000000070C60000-0x0000000070DC9000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1748-40-0x0000000072960000-0x00000000729E9000-memory.dmp

    Filesize

    548KB

    Download

  • memory/1748-39-0x0000000076F00000-0x0000000076FE3000-memory.dmp

    Filesize

    908KB

    Download

  • memory/1748-38-0x0000000073E00000-0x0000000073EAB000-memory.dmp

    Filesize

    684KB

    Download

  • memory/1748-37-0x0000000073EB0000-0x0000000073EC4000-memory.dmp

    Filesize

    80KB

    Download

  • memory/1748-36-0x0000000073ED0000-0x0000000074680000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/1748-32-0x0000000076C90000-0x0000000076CD5000-memory.dmp

    Filesize

    276KB

    Download

  • memory/1748-31-0x0000000075010000-0x00000000750A6000-memory.dmp

    Filesize

    600KB

    Download

  • memory/1748-29-0x0000000074DA0000-0x0000000074E14000-memory.dmp

    Filesize

    464KB

    Download

  • memory/1748-20-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-43-0x0000000070620000-0x0000000070830000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1748-45-0x00000000022F0000-0x0000000002332000-memory.dmp

    Filesize

    264KB

    Download

  • memory/1748-46-0x0000000000402000-0x000000000044B000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1748-47-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-48-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-72-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-73-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-78-0x0000000075740000-0x0000000075860000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1748-74-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/1748-80-0x0000000076720000-0x00000000767DF000-memory.dmp

    Filesize

    764KB

    Download

  • memory/1748-79-0x00000000755B0000-0x000000007566F000-memory.dmp

    Filesize

    764KB

    Download