Analysis
-
max time kernel
142s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
24/06/2024, 08:27
General
-
Target
0773670c99ebfe9200c878fd8c34782d_JaffaCakes118.dll
-
Size
101KB
-
MD5
0773670c99ebfe9200c878fd8c34782d
-
SHA1
13917bac8a264c933e3f32bfe39fca9b7f90ebef
-
SHA256
5a90ed9271a34a9cf81f3bfafc5c7ae319b3bb1b7bb151d65694c35fdab1b636
-
SHA512
663fde8f55e1a2b60c58987443c55343e009bf40f0d289d3799f9c2d5632f4993113457b2842f4007bc9a4c316e46308d9b60a746dc0fbfb9f686e5d9b3b2bae
-
SSDEEP
1536:enin2eciGfPpHJejKh1T7iLLWh1m5UEDBDW6c9w/qesF:D4iGfSKjTOLLm1cUEDBK6lqp
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0773670c99ebfe9200c878fd8c34782d_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0773670c99ebfe9200c878fd8c34782d_JaffaCakes118.dll,#12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3760 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:81⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
60KB