Overview

overview

7

Static

static

7

030cfe1dcd...18.exe

windows7-x64

1

030cfe1dcd...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/06/2024, 22:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    030cfe1dcd1062c3ad8c6c47cdce0ffc_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    030cfe1dcd1062c3ad8c6c47cdce0ffc

  • SHA1

    fa5ff79c8714b7b0f8809916a50eccb2f77caba9

  • SHA256

    c7b50ecd1f3b2c77b78187fbed270dfb9886bf2f59657cbf85d57869e5cdfca0

  • SHA512

    38a2458322ce11a18c8c9de64999f0ccb578ea92a3576bc5313acc7d882667477eb2431b902f6ce6db0c69155d684d26c48230bc798e46ac31b0310eac98d31e

  • SSDEEP

    24576:qkDnwn126Yg6f4MYOT/jGDAqdAQz2kSnJRN7phyJYVKUJ7zbuzj:hnkUKOTjqdACnSJRN7nyJIDSz

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\030cfe1dcd1062c3ad8c6c47cdce0ffc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\030cfe1dcd1062c3ad8c6c47cdce0ffc_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:536
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4456 --field-trial-handle=2744,i,16362475727591565961,3676688664819797550,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4456

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\ConFig.Dat
      Filesize

      839B

      MD5

      1c4263520d6b00063b40fbfd505adc1b

      SHA1

      39abe730b27e68e238078a7b273b10f65df7f12f

      SHA256

      57f53ee1511e05700a5929a829e48ffb78514344dc3715ec9027a59c1cef6232

      SHA512

      669f39212d13483c6d6a674519b9c4afb601097ff2ad5d1acd86091d626dc9f8538047e96e106b2f51c299ba2b61be6bb859c91590fa746eabf2f1f3c853c197

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\ConFig.Dat
      Filesize

      678B

      MD5

      423ba3b7328483fe421f9d4cc72bcd98

      SHA1

      fa7b4e706289e5cac0a0efe2bda1febc96d11119

      SHA256

      63bca5d466036947aae3fb599c987d66303b182e742c819e29aba390efcad90c

      SHA512

      4db1f4bb1e4d7c9354e2fe860819d0336fb7672af5c71a280dfd1fecfe7fd6edfa6be5e3d221c2a7fac4dc35f7afec836e95176136dcf76d40756b1554c4ee0b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\ConFig.Dat
      Filesize

      816B

      MD5

      562fe34bc99e307bdcf9d9322e090aef

      SHA1

      f3fa962a6c7a3035cb9c948d9017276b356e317f

      SHA256

      afcd4616c14a399f80c62131a7cf28a64b4dee2444955408d855a9a16ebaaefd

      SHA512

      8e56a5008fc6c41069a9027d42a7ddc004ed4a1dff0c907804ed18f58f8fb975b1645d9245da22575511076812af80443fd94eb7bf952c0a6e2fb0cfb281e135

      Download Submit

    • memory/536-0-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/536-141-0x0000000000400000-0x0000000000E5D000-memory.dmp

      Filesize

      10.4MB

      Download

    • memory/536-143-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

      Filesize

      4KB

      Download