Overview

overview

9

Static

static

9

b0d11de4f9...18.exe

windows7-x64

1

b0d11de4f9...18.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-06-2024 00:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe

  • Size

    8.7MB

  • MD5

    b0d11de4f9e04fd57e346a1d8c599090

  • SHA1

    293361ac9b6544edd4d3dcc24f37e45f74dc917a

  • SHA256

    70ac963c22dc66f78d596c220d4af4ce2ee8d7a8c3c84f785df19c42f4e4205b

  • SHA512

    e2966105329d706492e1242cbbccd284de8dee6f773bcbb8d703c339f13ea95019e853dfd9beca13c617428ed9c9f9394e6833667b4c200649b46ac312521c26

  • SSDEEP

    98304:1+/mUSk7lZ7biAZK82ueGqnhA+D6gLlJV5mEkAn1dJIek1ledy87cRb+uSlYd1qF:AuG7btuueGfAnbJPk1leCQuSAqF

Score
9/10
cryptonepacker

Malware Config

Signatures

  • CryptOne packer 1 IoCs

    Detects CryptOne packer defined in NCC blogpost.

    cryptonepacker
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4072-1-0x0000000000400000-0x0000000000CAC000-memory.dmp
    Filesize

    8.7MB

    Download
  • memory/4072-2-0x0000000000400000-0x0000000000CAC000-memory.dmp
    Filesize

    8.7MB

    Download