Overview

overview

5

Static

static

3

0bfb94ee00...18.exe

windows7-x64

5

0bfb94ee00...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 02:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118.exe

  • Size

    81KB

  • MD5

    0bfb94ee00d14fd7653b3b3b3acf05ff

  • SHA1

    2195ce527f3ec1792fcfe0fb1737a64b0b4bc0e6

  • SHA256

    8542d76f91b3ef548525058415751752cf5cc8c29af2eea2af92937da559665e

  • SHA512

    10fbf107ec08aa5190967dba107264d5a7252e3bbc45a0ecbbb7a0c2544066c3345223496739d63950f0bce61ac59550c8b2268aff4db18b4cd997664d6dcd4b

  • SSDEEP

    1536:zhYHJQ1Ufz4jyTZNQ29KtqIppPP6hclwSqjo1JSgXURz2A1p5:dKQ1aUyTA29KYwPihclJPez285

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0bfb94ee00d14fd7653b3b3b3acf05ff_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious behavior: RenamesItself
    PID:2392

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2392-0-0x0000000000416000-0x0000000000427000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2392-1-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download

  • memory/2392-3-0x0000000000416000-0x0000000000427000-memory.dmp

    Filesize

    68KB

    Download