Overview

overview

3

Static

static

3

081d1d74b6...18.exe

windows7-x64

3

081d1d74b6...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    24/06/2024, 10:59 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    081d1d74b61c523ad2de6651574a0e8f_JaffaCakes118.exe

  • Size

    14KB

  • MD5

    081d1d74b61c523ad2de6651574a0e8f

  • SHA1

    dc4624dafb5f42df026c4ce38664948da813c4f3

  • SHA256

    f52f5a4f04627122f65d20cb5dce4b3ff47a4fa5f5e4c51c81de0868091e7522

  • SHA512

    205379e06816b6ed1a6033c043299c58fb72615eb3e624460248954ea46c5df869b710f82a4887b955faaf137c0f66628fef5f7f8e31fb58b91a947490cfe46f

  • SSDEEP

    384:xIrhZJ4C2RMq2JOadHOf2IsLKGBcPl7wAlj3evsO:xIrt2SqJaCCuplMAJ3evsO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\081d1d74b61c523ad2de6651574a0e8f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\081d1d74b61c523ad2de6651574a0e8f_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2200
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2200 -s 36
      2⤵
      • Program crash
      PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2200-0-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.