Overview

overview

7

Static

static

3

0325809b9e...18.exe

windows7-x64

7

0325809b9e...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    20-06-2024 05:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0325809b9ec6d2f626f4b42af047d468_JaffaCakes118.exe

  • Size

    327KB

  • MD5

    0325809b9ec6d2f626f4b42af047d468

  • SHA1

    9a3eac00a3c722953efbe56cef088a18abadc909

  • SHA256

    9bda4871f4ce5da045adab860c1ed5d5934ecc8576e9c44ebd5edfc666b56148

  • SHA512

    ce3e37c906baf4c3660422a1b35066402c826a0c47bf3f809ef0e095c4ae0f9581fdaf9bff040e798d7528f956b7dcd0e088912e76b4fd5ee0e323f21ea27703

  • SSDEEP

    6144:/F2idZecnl20lHRxp3g3dygfPNc26JyG+KMvc8P3KaeR83GR:dF3Z4mxx3JftoP3Kak8G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0325809b9ec6d2f626f4b42af047d468_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0325809b9ec6d2f626f4b42af047d468_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious behavior: EnumeratesProcesses
    PID:1304
  • C:\Windows\SysWOW64\0325809b9ec6d2f626f4b42af047d468_JaffaCakes118.exe
    C:\Windows\SysWOW64\0325809b9ec6d2f626f4b42af047d468_JaffaCakes118.exe
    1⤵
    • Executes dropped EXE
    PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\0325809b9ec6d2f626f4b42af047d468_JaffaCakes118.exe
    Filesize

    327KB

    MD5

    0325809b9ec6d2f626f4b42af047d468

    SHA1

    9a3eac00a3c722953efbe56cef088a18abadc909

    SHA256

    9bda4871f4ce5da045adab860c1ed5d5934ecc8576e9c44ebd5edfc666b56148

    SHA512

    ce3e37c906baf4c3660422a1b35066402c826a0c47bf3f809ef0e095c4ae0f9581fdaf9bff040e798d7528f956b7dcd0e088912e76b4fd5ee0e323f21ea27703

    Download Submit

  • memory/1304-24-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-2-0x0000000001F00000-0x0000000001F01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-3-0x0000000001EE0000-0x0000000001EE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-0-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1304-5-0x0000000001EC0000-0x0000000001EC1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-23-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-12-0x00000000032C0000-0x00000000032C2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1304-11-0x00000000032D0000-0x00000000032D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-10-0x0000000001ED0000-0x0000000001ED1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-9-0x0000000001F80000-0x0000000001F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-8-0x0000000001F10000-0x0000000001F11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-7-0x0000000001F20000-0x0000000001F21000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-18-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-28-0x0000000000370000-0x0000000000371000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-27-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-26-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-35-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1304-4-0x0000000001F30000-0x0000000001F31000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-6-0x0000000001EB0000-0x0000000001EB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-22-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-30-0x0000000003300000-0x0000000003301000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-29-0x0000000000380000-0x0000000000381000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-21-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-20-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-19-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-17-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-16-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-15-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-32-0x00000000032E0000-0x00000000032E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-14-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-31-0x00000000032F0000-0x00000000032F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1304-1-0x0000000000610000-0x0000000000664000-memory.dmp

    Filesize

    336KB

    Download

  • memory/1304-36-0x0000000000610000-0x0000000000664000-memory.dmp

    Filesize

    336KB

    Download

  • memory/1304-25-0x0000000003310000-0x0000000003311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1696-37-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download