Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:29

General

  • Target

    a1be9192e891fba4c6b77a3aa2fee9f8_JaffaCakes118.dll

  • Size

    2.3MB

  • MD5

    a1be9192e891fba4c6b77a3aa2fee9f8

  • SHA1

    f9ec2a5a13645fccaf980f90be0d9ddaebf62996

  • SHA256

    85980a58e807de02fe0cd2e795c66b1c435408427bc0c5a30aa2d84447bdd10d

  • SHA512

    624b005be5da8eb9c2c64e434320f542b6d1f6338a2ee8d083d202047650a8e82b5a6365b4f948f8d87d19964d44155a6ae077f9390b736c7949e8d7e318c8ff

  • SSDEEP

    49152:zfo+nVDb0LLygXtKKGcDRQWFqG9v0R/k+hKhQwZHb:k8VDb0JXtKBWFqG9MR/dhKhQwZ7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a1be9192e891fba4c6b77a3aa2fee9f8_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a1be9192e891fba4c6b77a3aa2fee9f8_JaffaCakes118.dll,#1
      2⤵
        PID:2072

    Network

    MITRE ATT&CK Matrix
