Overview

overview

7

Static

static

3

06787fbd7a...18.exe

windows7-x64

7

06787fbd7a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    55s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/06/2024, 13:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    06787fbd7a3443f4351ec3086490e1b0_JaffaCakes118.exe

  • Size

    75KB

  • MD5

    06787fbd7a3443f4351ec3086490e1b0

  • SHA1

    0ed6299c94cd8e64c7cc0ae9e579ba6aeaec38da

  • SHA256

    1c4f5dcedf476f1e15540138c593c823aec7d90521f629cd929d782ae1264c66

  • SHA512

    4160420952779c3bd88880b23bcfc842c7f7e8da35a2629ee10df573aa3e38a5159a3aec56018361310af84f2b5479891fafa4f2dc772fbc4e2ed771399a65d8

  • SSDEEP

    1536:AIqlamQH56zjAkqyQLGj5N0PQYPiHCj/TngCzS9aUeJRLPM:k3zjhUGsHVgCzS9aPRLM

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06787fbd7a3443f4351ec3086490e1b0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\06787fbd7a3443f4351ec3086490e1b0_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:3580

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Common Files\microsoft shared\MSInfo\atmQQ2.dll
          Filesize

          54KB

          MD5

          1977edd593550bf9d9bc4d4e4d1879e1

          SHA1

          6769c3591a4b725c9a14bf385c0db48c738621d7

          SHA256

          b50d4c5853e65a73e33e438ba985cda8462d4a145f113353aa3133c40c06bba2

          SHA512

          1e97cce3de4eb95308679986bcfd0eee306224a0c5ba0379717645de360cc309b571bfad442717ec2bb66438df23021b22152ae230b78c82e9fd060634586c3e

          Download Submit

        • memory/3580-4-0x0000000000460000-0x0000000000472000-memory.dmp

          Filesize

          72KB

          Download

        • memory/3580-7-0x0000000000400000-0x0000000000419000-memory.dmp

          Filesize

          100KB

          Download

        • memory/3580-8-0x0000000000460000-0x0000000000472000-memory.dmp

          Filesize

          72KB

          Download