Overview

overview

7

Static

static

3

0bf0cc2756...18.exe

windows7-x64

7

0bf0cc2756...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    51s
  • max time network
    51s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/06/2024, 02:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0bf0cc2756eb81306c6c2b5ed8068188_JaffaCakes118.exe

  • Size

    6.5MB

  • MD5

    0bf0cc2756eb81306c6c2b5ed8068188

  • SHA1

    430e60d27bcc33fbbbd92c36eea1568e2d780a13

  • SHA256

    40c6a8e069079e800332aeabaca1c78139614e582202d7d53a4d1cf88a5b82f7

  • SHA512

    bd3d750abca732cbdebf5b2da1d5f42c50c9e2f9f4a0e2b03c2d9927c1fdae7699b06ae4907919ba6d6592b8c873a540bfedb4d9b211580e6656c4be7a04b96d

  • SSDEEP

    196608:GKM+gp1DM9onJ5hrZER9xQ3jo4U07+otKnhXN2:CpNM9c5hlER9xA20Sbnh

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 6 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0bf0cc2756eb81306c6c2b5ed8068188_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0bf0cc2756eb81306c6c2b5ed8068188_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Users\Admin\AppData\Local\Temp\0bf0cc2756eb81306c6c2b5ed8068188_JaffaCakes118.exe
      "C:\Users\Admin\AppData\Local\Temp\0bf0cc2756eb81306c6c2b5ed8068188_JaffaCakes118.exe"
      2⤵
      • Loads dropped DLL
      PID:4988

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\VCRUNTIME140.dll
          Filesize

          91KB

          MD5

          7942be5474a095f673582997ae3054f1

          SHA1

          e982f6ebc74d31153ba9738741a7eec03a9fa5e8

          SHA256

          8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c

          SHA512

          49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\_ctypes.pyd
          Filesize

          123KB

          MD5

          b74f6285a790ffd7e9ec26e3ab4ca8df

          SHA1

          7e023c1e4f12e8e577e46da756657fd2db80b5e8

          SHA256

          c1e3e9548243ca523f1941990477723f57a1052965fccc8f10c2cfae414a6b8a

          SHA512

          3a700638959cbd88e8a36291af954c7ccf00f6101287fc8bd3221ee31bd91b7bd1830c7847d8c2f4f07c94bc233be32a466b915283d3d2c66abed2c70570c299

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\_socket.pyd
          Filesize

          78KB

          MD5

          0df2287791c20a764e6641029a882f09

          SHA1

          8a0aeb4b4d8410d837469339244997c745c9640c

          SHA256

          09ab789238120df329956278f68a683210692c9bcccb8cd548c771e7f9711869

          SHA512

          60c24e38ba5d87f9456157e3f4501f4ffabce263105ff07aa611b2f35c3269ade458dbf857633c73c65660e0c37aee884b1c844b51a05ced6aed0c5d500006de

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\base_library.zip
          Filesize

          767KB

          MD5

          d8531d2ca0076cc51c6bbca2f8d53394

          SHA1

          a7fec7b09556c0f9c95c11814aec24d3160e7eaf

          SHA256

          2aad9c5662c0b6c25b10a02b5b02c6cb1638ef8a4f6ce16eb807ce2663aaf527

          SHA512

          fa0f1e32273b284c84900a5bf478d833fc67ba78d47799b096f68b7730cf40aa90fc3fb403497842d3a8468b7015b98287061b1c98e42088c51ca8a906912240

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\libffi-7.dll
          Filesize

          32KB

          MD5

          eef7981412be8ea459064d3090f4b3aa

          SHA1

          c60da4830ce27afc234b3c3014c583f7f0a5a925

          SHA256

          f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

          SHA512

          dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\python39.dll
          Filesize

          4.2MB

          MD5

          c4b75218b11808db4a04255574b2eb33

          SHA1

          f4a3497fb6972037fb271cfdc5b404a4b28ccf07

          SHA256

          53f27444e1e18cc39bdb733d19111e392769e428b518c0fc0839965b5a5727a2

          SHA512

          0b7ddbe6476cc230c7bdd96b5756dfb85ab769294461d1132f0411502521a2197c0f27c687df88a2cd1ab53332eaa30f17fa65f93dac3f5e56ed2b537232e69c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI21242\select.pyd
          Filesize

          27KB

          MD5

          a2a4cf664570944ccc691acf47076eeb

          SHA1

          918a953817fff228dbd0bdf784ed6510314f4dd9

          SHA256

          b26b6631d433af5d63b8e7cda221b578e7236c8b34b3cffcf7630f2e83fc8434

          SHA512

          d022da9e2606c5c3875c21ba8e1132ad8b830411d6ec9c4ddf8ebd33798c44a7e9fe64793b8efb72f3e220bb5ce1512769a0398ecc109f53f394ea47da7a8767

          Download Submit