Overview

overview

7

Static

static

3

06e58c252c...18.exe

windows7-x64

7

06e58c252c...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    24-06-2024 01:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    06e58c252ceaf1137a2b65789b42bb57_JaffaCakes118.exe

  • Size

    575KB

  • MD5

    06e58c252ceaf1137a2b65789b42bb57

  • SHA1

    421475c0441587bd5eeb2d1dc0bd24321d7721a0

  • SHA256

    d3a5b6eee5cc86ebd3dfcb0b071a96c93925c762ff01bec3bf636b64800c69e8

  • SHA512

    d057c4bf86eb537e333fddf68681138d365656eb0676a884a2ae3362cfc7b2a87d07cd31f9bbd4e8b33132c317fcdc2d864edef6a4319efe00729cff8879f35d

  • SSDEEP

    12288:Ahp1iPSgwQrHpjvgjLjVndzpwkct5jqUy2YApT+Db4nc8mIqW:Ahp1iqEb9oVdaF5mnAla4N0W

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06e58c252ceaf1137a2b65789b42bb57_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\06e58c252ceaf1137a2b65789b42bb57_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
    Filesize

    1.1MB

    MD5

    638e737b2293cf7b1f14c0b4fb1f3289

    SHA1

    f8e2223348433b992a8c42c4a7a9fb4b5c1158bc

    SHA256

    baad4798c3ab24dec8f0ac3cde48e2fee2e2dffa60d2b2497cd295cd6319fd5b

    SHA512

    4d714a0980238c49af10376ff26ec9e6415e7057925b32ec1c24780c3671047ac5b5670e46c1c6cf9f160519be8f37e1e57f05c30c6c4bda3b275b143aa0bf12

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_N4\xplib.fne
    Filesize

    48KB

    MD5

    37a58e1c5ce48e401ee8dd1d1da54814

    SHA1

    a87d00d78838c2d968b72330ee6f21f69b2caae5

    SHA256

    1c426928fb90bedb31fcffa0f3fbe7bdbca4259f93f5abdefed6a9a089f2982c

    SHA512

    e85052fc305040bdcaf47262e0ce6eef0848b319baac72a076dc94e7d20ea7ad8fbdd7d5381606a3154ab84fe81429bb339123ac1cd94551b1dc9cecfb7a08bf

    Download Submit

  • memory/2960-0-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2960-6-0x00000000003F0000-0x00000000003FD000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2960-8-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download