0e376c8479fc1420d90fb3cd5a54a7ceb80fa2bb12d8abef0500d1e73d0c1460

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
25-06-2024 08:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
Size

6.4MB
MD5

0d5c9f158a4ae10cfe79356bdff7c9f5
SHA1

2e0dcf1a7184200ce42a02e3d76e0ba42745418f
SHA256

0e376c8479fc1420d90fb3cd5a54a7ceb80fa2bb12d8abef0500d1e73d0c1460
SHA512

d83118cc76105dbc9867f7676054129d8ac9bed99a5d35b43328c8ea4619c7ac3ba7c40ff8bbae59fa51720cf14ecd5a0c29330b24c44f7bcc22af23b425dfd7
SSDEEP

196608:Gq4WHr0DpFC4g0AVIGv38ZJ9BIBxIF+uc4MgdqXdqJIMM:JILgtIGiYXIFuQqXdY7

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 8 IoCs

pid	Process
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
600	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 4904 wrote to memory of 600	4904	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe	81
PID 4904 wrote to memory of 600	4904	0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe	81

C:\Users\Admin\AppData\Local\Temp\0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4904
- C:\Users\Admin\AppData\Local\Temp\0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\0d5c9f158a4ae10cfe79356bdff7c9f5_JaffaCakes118.exe"
  2⤵
  - Loads dropped DLL
  PID:600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI49042\VCRUNTIME140.dll

Filesize
98KB

MD5
6ba0dbcd2db8f44243799c891dbd2a59

SHA1
30a2719d4b8667fd237bcfb781660901c993d9fc

SHA256
263988a0868053b6b01835cd2959c8f71e3f943610421b269da646f2d9e3b333

SHA512
94dea85ef50d55cec0d1bbae4671386ce8ca02e870ce417abfef0a8499fdf0bd0eb5ba38debd07c213f7da39cbea63a18143484b05e9c7ca36b2f68e4520bb4d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\_bz2.pyd

Filesize
84KB

MD5
6909da62abc73216883a89a60b66e73b

SHA1
015eb36344e5f3fe2df467bd47a04bded616b052

SHA256
4c22e0d2786dd7e93f55e1f4a1c27d2e141a55682ed2c09b90320817fcf011f9

SHA512
eddabb51b6092b3c3e3b6968ea831a262f8f5f8a26b1c95badc616ca236d0928aa789334835130ec40137ffc623b5d2031a585e890162b489a26fd990845b63a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\_ctypes.pyd

Filesize
123KB

MD5
ffde1baacbe6729ad5246068870915a4

SHA1
2d42751140fc244f19dece6b1948b2b67d36bab4

SHA256
cc839990fb1020520731c35a183c83c9dc927aa78fa6b149a92a39e9d156c8b8

SHA512
1ac3ec986c55af37eb93d35a15e8a64726e5154240c0c5aac8286f7e347c678482ec65c62b454cf237023253642335ce6b3f6c0cc084e1527e61d48aaf7752f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\_lzma.pyd

Filesize
247KB

MD5
af8385e0cb374ae6caee59190175dd12

SHA1
a16d7d021ec3fa31fb1b2ce5929c2d3d4c96d6b8

SHA256
e414ee3efa6a4e1edf610dd780335ab9372cbe7919a73596bbb267b55ad23999

SHA512
3e4e26bbcf14ebcb4faedb8982c46b3f5318c88dd395c668c50e4f5ddbfe6c1836eb49e49e855cc95934e8247e63df0f7543f66e4fe13335558fc21c0c566b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\_socket.pyd

Filesize
77KB

MD5
fc47a3b4dc7353591970a20678b90a81

SHA1
5ca5436e0c66f468bb48b5ea16c69125fcc34bea

SHA256
4e7ee0ecf839c42d96c53309384737e8f84bb5e90ecd20d511cc3fc6ec135f44

SHA512
8f52f33ce49bc38a9356d46c63aef4f8f05d491377f4969f52fd84f83712faed3d9637044d27583bf06fc52687667b630ba8d2eb8ee27f4a810520df5499b725

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\base_library.zip

Filesize
761KB

MD5
de7f1fe23b350e5d5a84403438da95be

SHA1
51258d57aa8054bf4199932d0cbe5f94b90be316

SHA256
d33eb36ba753ff251c08b54ba99200598d7749f4d2944d4cfed1dd10d6a2779e

SHA512
252f497e9160185198c1af8fd3a996570ea1676543fa01cea1c7a51ad8a5913d640a7e75acd87d91d81c32630bf444558b4702118edf79f670af9396b4638d92

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\libffi-7.dll

Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\python38.dll

Filesize
4.0MB

MD5
c0ed63bf515d04803906e1b703e9cb86

SHA1
61f9a465d7a782aedfd5e2b1a9dc8bff6c103b5a

SHA256
24bfc999a733d4759ca40425610555f597b1d015f87ef5f84e15c665297247a4

SHA512
78384c34cefc40cb86913dffdc6a360668467731a8a3678d5f8377d8ae63d244b45506b0b6e2498825b53abe8fd84d2b75b3e9fef3703fead90183ace433e70a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49042\select.pyd

Filesize
26KB

MD5
f4887f1d906dc336fe0c3f7dbb720ca3

SHA1
67def676ad3569029d2a357a40a138fc7570bdcc

SHA256
36552bc64127d4866c657c9b74c0399baad70957a5380896fd8202e3a6bb7b4f

SHA512
51006d164c2512adfab92d22be5fed7c093cb647821045a6cdfd2ed7a30d94e620a446b8434b3e91d5544ef737e1492f3dc6c29cadbfdfa5e41df7fb5106a301

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads