Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    20-06-2024 07:22

General

  • Target

    03fbbba08443d719c48a16380a4c7bca_JaffaCakes118.dll

  • Size

    113KB

  • MD5

    03fbbba08443d719c48a16380a4c7bca

  • SHA1

    2ec24b53585b27f9a778845f4e530e6b0421a575

  • SHA256

    40db3319b8eeec04973e9f67ce1eb5f76160619c9c6a54e3a8208a18be7529d2

  • SHA512

    5e3042db83759db56f1d99cbdf52678f06297f678034a1806122f5012bf5ea38a186944dc1fed4e73ef9922dbe169849d49d70f0ef9fc000088e7592cd76cd86

  • SSDEEP

    3072:sewc6DlnLPTOBZLJW7m3TfY1qCB2Y2FmH2:sewc6DBLbOJW7YfYstY2Fm

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\03fbbba08443d719c48a16380a4c7bca_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1932
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\03fbbba08443d719c48a16380a4c7bca_JaffaCakes118.dll,#1
      2⤵
        PID:2208

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2208-1-0x00000000001B0000-0x00000000001B5000-memory.dmp

      Filesize

      20KB

    • memory/2208-0-0x0000000010000000-0x0000000010035000-memory.dmp

      Filesize

      212KB