eebaa8e88cf692a7211ef3e6b69af16534a6f42bcf37a526e9e989e3ba67341c

Analysis

max time kernel
141s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
20/06/2024, 09:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe
Size

361KB
MD5

04d231e558ce6693152aa27529aefaa6
SHA1

854309f5a089a0acc00ac30fc20b13c944d55d09
SHA256

eebaa8e88cf692a7211ef3e6b69af16534a6f42bcf37a526e9e989e3ba67341c
SHA512

98be47a6576e45b78bf23300da075ff5b977053e478cbeaed8e4224e96af2b003782abde19c93a195005197a51c955d37954fac38e3a06e38675efff2ee0d7d7
SSDEEP

6144:+3hcZaHRF2idZecnl20lHRxp3gpFicV4RFxrX4xXNtHKoyCCOlyTiVm2GkyZ3:ShuYF3Z4mxxWic6o9ozQVm2Gku

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
764	opin.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\opin.exe	04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\opin.exe	04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 4256	2376	04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe	83
PID 2376 wrote to memory of 4256	2376	04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe	83
PID 2376 wrote to memory of 4256	2376	04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe	83

C:\Users\Admin\AppData\Local\Temp\04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\04d231e558ce6693152aa27529aefaa6_JaffaCakes118.exe"
1⤵
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
PID:2376
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c .\delmeexe.bat
  2⤵
  PID:4256

C:\Windows\SysWOW64\opin.exe
C:\Windows\SysWOW64\opin.exe
1⤵
- Executes dropped EXE
PID:764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\delmeexe.bat

Filesize
235B

MD5
a995c2f569fbf84e4d78184babea5a6a

SHA1
cde6cac463ec4d59c21c7c3cf3d9928e9c4913dd

SHA256
bc6dbbd6cbad17293f4c3c73d2f4dcbb9921b08c11f87c75e4d978b487c8a71c

SHA512
05d14bc1b1827509d5d351bb819b407767ca38b6708d9d4c1e103fdaf7154ffcdcc3891fdaa4b9826b6f79a0dcc471127a1b3917d3fbf22a91aeedf786eb5f1e

Download Submit
C:\Windows\SysWOW64\opin.exe

Filesize
361KB

MD5
04d231e558ce6693152aa27529aefaa6

SHA1
854309f5a089a0acc00ac30fc20b13c944d55d09

SHA256
eebaa8e88cf692a7211ef3e6b69af16534a6f42bcf37a526e9e989e3ba67341c

SHA512
98be47a6576e45b78bf23300da075ff5b977053e478cbeaed8e4224e96af2b003782abde19c93a195005197a51c955d37954fac38e3a06e38675efff2ee0d7d7

Download Submit
memory/764-68-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-72-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-70-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-69-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-73-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-67-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-65-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-64-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-63-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-74-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-62-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-61-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/764-59-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2376-44-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-36-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-57-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-56-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-54-0x0000000000630000-0x0000000000684000-memory.dmp

Filesize
336KB

Download
memory/2376-55-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-53-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-52-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-51-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-50-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-49-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-48-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-47-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-46-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-45-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-0-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2376-43-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-42-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-41-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-40-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-39-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-38-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-37-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-58-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-35-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-33-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2376-34-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-32-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-31-0x00000000032A0000-0x00000000032A1000-memory.dmp

Filesize
4KB

Download
memory/2376-30-0x00000000032B0000-0x00000000032B1000-memory.dmp

Filesize
4KB

Download
memory/2376-29-0x00000000032A0000-0x00000000033A0000-memory.dmp

Filesize
1024KB

Download
memory/2376-21-0x00000000032A0000-0x00000000033A0000-memory.dmp

Filesize
1024KB

Download
memory/2376-6-0x00000000022E0000-0x00000000022E1000-memory.dmp

Filesize
4KB

Download
memory/2376-5-0x0000000002300000-0x0000000002301000-memory.dmp

Filesize
4KB

Download
memory/2376-22-0x00000000032A0000-0x00000000033A0000-memory.dmp

Filesize
1024KB

Download
memory/2376-7-0x0000000002330000-0x0000000002331000-memory.dmp

Filesize
4KB

Download
memory/2376-8-0x00000000022C0000-0x00000000022C1000-memory.dmp

Filesize
4KB

Download
memory/2376-17-0x00000000032A0000-0x00000000033A0000-memory.dmp

Filesize
1024KB

Download
memory/2376-18-0x00000000032A0000-0x00000000033A0000-memory.dmp

Filesize
1024KB

Download
memory/2376-16-0x00000000032A0000-0x00000000033A0000-memory.dmp

Filesize
1024KB

Download
memory/2376-9-0x00000000022B0000-0x00000000022B1000-memory.dmp

Filesize
4KB

Download
memory/2376-10-0x0000000002320000-0x0000000002321000-memory.dmp

Filesize
4KB

Download
memory/2376-11-0x0000000002310000-0x0000000002311000-memory.dmp

Filesize
4KB

Download
memory/2376-12-0x0000000002340000-0x0000000002341000-memory.dmp

Filesize
4KB

Download
memory/2376-13-0x00000000022D0000-0x00000000022D1000-memory.dmp

Filesize
4KB

Download
memory/2376-1-0x0000000000630000-0x0000000000684000-memory.dmp

Filesize
336KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads