Overview

overview

10

Static

static

3

0c23d28144...18.exe

windows7-x64

10

0c23d28144...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 02:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0c23d28144ba960ed295d3f025dd264c_JaffaCakes118.exe

  • Size

    32KB

  • MD5

    0c23d28144ba960ed295d3f025dd264c

  • SHA1

    250a18bbb60eddb1c1f8334146f40f2654c12a8f

  • SHA256

    a90be6bd0f3d6d0ae3f76efb59e41ba43c31bd7cbb86cc9a8902d2120fab7139

  • SHA512

    b0c6c1c29ef2d41f9e3929fa24b72bfce7e97b3154034eb1442958bd4bc925bae28672c6590221d01a5aea43490c7ecd4572bb4b1d8c328c4c085cbe2ec54bb6

  • SSDEEP

    768:eKNx30nHU9ZgbwdvHNgn2H0g/N+bZiPNpl24X:ey3c09ZgbBnxgqZiVj24X

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:     ftp
  • Host:
    vladyan56.aiq.ru
  • Port:
    21
  • Username:
    u350001
  • Password:
    l6zxtion

Signatures

  • Checks BIOS information in registry 2 TTPs 1 IoCs

    BIOS information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\0c23d28144ba960ed295d3f025dd264c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0c23d28144ba960ed295d3f025dd264c_JaffaCakes118.exe"
    1⤵
    • Checks BIOS information in registry
    PID:2976

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2976-0-0x0000000000400000-0x0000000000454000-memory.dmp

    Filesize

    336KB

    Download

  • memory/2976-1-0x0000000000400000-0x0000000000454000-memory.dmp

    Filesize

    336KB

    Download