Overview

overview

7

Static

static

3

09e130f6f7...18.exe

windows7-x64

7

09e130f6f7...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/06/2024, 17:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    09e130f6f7840f0b9b38a6d93cd969de_JaffaCakes118.exe

  • Size

    464KB

  • MD5

    09e130f6f7840f0b9b38a6d93cd969de

  • SHA1

    3159890fb96c60c71ed5365de009226d089c97aa

  • SHA256

    270bd28a5b05a13315a8307378c3b5c33ed1b1e3cd87716a2d2a6bd597f59d23

  • SHA512

    d0a66bdcd091c81a5ab9656e0adb85a2aa5e20a9e87d9c5de31f42d79dbd0971ae2dcbf2acf490bb8610fc67d57fd9c65695dc74ce72d2fe5d1a28e472065d9f

  • SSDEEP

    12288:rZ7ElP0pGufmL5MZZWyan1sVsz/YM5m+J6t5tzD:FEloLmLOLWtn1r5hEtDf

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\09e130f6f7840f0b9b38a6d93cd969de_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\09e130f6f7840f0b9b38a6d93cd969de_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3184
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3184 -s 900
      2⤵
      • Program crash
      PID:4508
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3184 -ip 3184
    1⤵
      PID:1404

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3184-0-0x0000000000550000-0x0000000000556000-memory.dmp

            Filesize

            24KB

            Download

          • memory/3184-1-0x0000000001000000-0x00000000010AA000-memory.dmp

            Filesize

            680KB

            Download