Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    25-06-2024 23:55

General

  • Target

    0ffff4a3b0d01a41806af134c8c3c4a6_JaffaCakes118.exe

  • Size

    272KB

  • MD5

    0ffff4a3b0d01a41806af134c8c3c4a6

  • SHA1

    9732d27330679bdb49be84908010e42e5447c224

  • SHA256

    ee3de0972b839ce801d88ed0ce2946aa8900d0f11e497bb703f17d59596a1ec0

  • SHA512

    9e77aaa28643cffb6b5c23422994163cfcd9a84e8791dcebb57a3197b7c35904ebb5b902dbf7349257ccd35e03290cbe855ca4ec88d659b66a090f11a1f0ebdb

  • SSDEEP

    3072:jSfuePNgafhTuMJUn2hjuoClIxZ009CxykFSc05qOk0J2nvb8jrrJecYAWGPABij:mHNgEh/JuoMQF9CxX/tO7JS4PIcJCi

Score
10/10

Malware Config

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0ffff4a3b0d01a41806af134c8c3c4a6_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0ffff4a3b0d01a41806af134c8c3c4a6_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2444-2-0x0000000000290000-0x00000000002A2000-memory.dmp

    Filesize

    72KB