742e6dc265b165369150b429ba002f5f25c42c505de7481cefdaa4065ae83660

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24/06/2024, 07:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe
Size

10.5MB
MD5

073e2de813650c64b8a2cb477c545416
SHA1

89bf883df3b3c4d22405c8744eabf0781064c25f
SHA256

742e6dc265b165369150b429ba002f5f25c42c505de7481cefdaa4065ae83660
SHA512

e8751642ed28f86af6fa5f725797e0edf5dbc630454b21a8fe26d7e6ef2a393fccb2f606b8b9d00298436f56b07f2d00af0964704fd71901f0d20f150d196f61
SSDEEP

98304:EcKGjGHGOGjvaHGOGj7H9HGOGMGjvaHGOGjOHGOGMaHBj7cjGHGOGjvaHGOGj7HH:E0

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1236	jnduia.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1236	jnduia.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
1236	jnduia.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1236	jnduia.exe
1236	jnduia.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4676 wrote to memory of 1236	4676	073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe	80
PID 4676 wrote to memory of 1236	4676	073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe	80
PID 4676 wrote to memory of 1236	4676	073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe	80

C:\Users\Admin\AppData\Local\Temp\073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4676
- C:\Users\Admin\AppData\Local\Temp\jnduia.exe
  C:\Users\Admin\AppData\Local\Temp\jnduia.exe -run C:\Users\Admin\AppData\Local\Temp\073e2de813650c64b8a2cb477c545416_JaffaCakes118.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:1236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jnduia.exe

Filesize
11.8MB

MD5
a61ab3e73caecbf7a58930b7ea408847

SHA1
fc4d23766149db6dc6f7f97557111c759d206b9b

SHA256
fdc3139ee660a6d0af1f8072e1056b3d75cc0b06b2985bb07dfd07a387fc6086

SHA512
c3a2f9756dd8806c205f294ef55515c68427aabbde4da0d2fdbd9072568a8844f5813582f70de4b9c5037bbb2fbe8ec3020fe370947e0d6f4481af45bbf55312

Download Submit
memory/1236-60-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/1236-65-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4676-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4676-1-0x0000000002200000-0x0000000002250000-memory.dmp

Filesize
320KB

Download
memory/4676-52-0x0000000002490000-0x0000000002491000-memory.dmp

Filesize
4KB

Download
memory/4676-51-0x0000000002470000-0x0000000002471000-memory.dmp

Filesize
4KB

Download
memory/4676-50-0x0000000002440000-0x0000000002441000-memory.dmp

Filesize
4KB

Download
memory/4676-49-0x0000000002480000-0x0000000002481000-memory.dmp

Filesize
4KB

Download
memory/4676-48-0x0000000002450000-0x0000000002451000-memory.dmp

Filesize
4KB

Download
memory/4676-47-0x0000000002460000-0x0000000002461000-memory.dmp

Filesize
4KB

Download
memory/4676-46-0x00000000024A0000-0x00000000024A1000-memory.dmp

Filesize
4KB

Download
memory/4676-45-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-44-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-43-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-42-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-41-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-40-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-39-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-38-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-37-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-36-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-35-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-34-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-33-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-32-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-31-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-30-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-29-0x0000000002300000-0x0000000002301000-memory.dmp

Filesize
4KB

Download
memory/4676-28-0x00000000022F0000-0x00000000022F1000-memory.dmp

Filesize
4KB

Download
memory/4676-27-0x00000000022B0000-0x00000000022B1000-memory.dmp

Filesize
4KB

Download
memory/4676-26-0x0000000002280000-0x0000000002281000-memory.dmp

Filesize
4KB

Download
memory/4676-25-0x00000000022C0000-0x00000000022C1000-memory.dmp

Filesize
4KB

Download
memory/4676-24-0x0000000002290000-0x0000000002291000-memory.dmp

Filesize
4KB

Download
memory/4676-23-0x00000000022A0000-0x00000000022A1000-memory.dmp

Filesize
4KB

Download
memory/4676-22-0x00000000022E0000-0x00000000022E1000-memory.dmp

Filesize
4KB

Download
memory/4676-21-0x0000000002C20000-0x0000000002C21000-memory.dmp

Filesize
4KB

Download
memory/4676-20-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-19-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-18-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-17-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-16-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-15-0x00000000021B0000-0x00000000021B1000-memory.dmp

Filesize
4KB

Download
memory/4676-14-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-13-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-12-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-11-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-10-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-9-0x0000000002C30000-0x0000000002C31000-memory.dmp

Filesize
4KB

Download
memory/4676-8-0x00000000021D0000-0x00000000021D1000-memory.dmp

Filesize
4KB

Download
memory/4676-7-0x0000000002190000-0x0000000002191000-memory.dmp

Filesize
4KB

Download
memory/4676-6-0x0000000002160000-0x0000000002161000-memory.dmp

Filesize
4KB

Download
memory/4676-5-0x00000000021A0000-0x00000000021A1000-memory.dmp

Filesize
4KB

Download
memory/4676-4-0x0000000002170000-0x0000000002171000-memory.dmp

Filesize
4KB

Download
memory/4676-3-0x0000000002180000-0x0000000002181000-memory.dmp

Filesize
4KB

Download
memory/4676-2-0x00000000021C0000-0x00000000021C1000-memory.dmp

Filesize
4KB

Download
memory/4676-55-0x00000000005A0000-0x00000000005A1000-memory.dmp

Filesize
4KB

Download
memory/4676-54-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/4676-53-0x0000000002C10000-0x0000000002C16000-memory.dmp

Filesize
24KB

Download
memory/4676-63-0x0000000002200000-0x0000000002250000-memory.dmp

Filesize
320KB

Download
memory/4676-62-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download