Overview

overview

7

Static

static

3

b5c15340bd...18.exe

windows7-x64

7

b5c15340bd...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    52s
  • max time network
    54s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-06-2024 23:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b5c15340bdb3a8cafd93bbfd800f6b57_JaffaCakes118.exe

  • Size

    313KB

  • MD5

    b5c15340bdb3a8cafd93bbfd800f6b57

  • SHA1

    3a720b11d21b30f94f54e549dd9143093c942c73

  • SHA256

    795ebf38c5c03ae08bf9d86c54334e2e0de401fd4f13d5aee8efd53a6229d2b1

  • SHA512

    1a949c71909d29488b5b8469e866a8a4e29efb377b6df07b18609f876801a8f49cd06371297346c04e1c2e82405912cf3d1b6b94abfefac27d3f8039896e1ca3

  • SSDEEP

    6144:uV24jwRTGLyog2fsAu6i6xgB1A/W1Z0fu96euCkY1:uV2mwRTyyog2fsz6xgBumH

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b5c15340bdb3a8cafd93bbfd800f6b57_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\b5c15340bdb3a8cafd93bbfd800f6b57_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\bhs539E.tmp
    Filesize

    242KB

    MD5

    f6cb534a58dcc29446b518fd294e82ad

    SHA1

    797935cd7ab355a55efa733fe8d7aadd09167d4b

    SHA256

    e7060cc8801db67b198e276e6f92355137ea3afd39797bf6b973b0bc822828df

    SHA512

    30738a097c8c9eecd0fc27b3d02796e5c9400bf7214710e57d932348bfe4752ce80dd6bd0d24c254b3032226bd017b7201a920d8a5b02e37d61a38c171bf28cb

    Download Submit

  • memory/4456-7-0x0000000005AD0000-0x0000000005ADA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4456-3-0x0000000005870000-0x00000000058B2000-memory.dmp

    Filesize

    264KB

    Download

  • memory/4456-4-0x0000000006180000-0x0000000006724000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4456-5-0x0000000074800000-0x0000000074FB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4456-6-0x0000000005B20000-0x0000000005BB2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4456-0-0x000000007480E000-0x000000007480F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4456-8-0x0000000074800000-0x0000000074FB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4456-9-0x0000000074800000-0x0000000074FB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4456-10-0x00000000092C0000-0x0000000009326000-memory.dmp

    Filesize

    408KB

    Download

  • memory/4456-11-0x0000000074800000-0x0000000074FB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4456-13-0x0000000074800000-0x0000000074FB0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4456-21-0x000000000B760000-0x000000000BF06000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/4456-22-0x0000000074800000-0x0000000074FB0000-memory.dmp

    Filesize

    7.7MB

    Download