Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-06-2024 08:22

General

  • Target

    0d5ce7c9cfae580d897ea908b01444d0_JaffaCakes118.exe

  • Size

    124KB

  • MD5

    0d5ce7c9cfae580d897ea908b01444d0

  • SHA1

    7893fd39d0404d73814b2dd9159d7646f707c188

  • SHA256

    912ec366cc77cbdeee56f594fb45f539ebc2b5214cccbec537c62ce562ede5e3

  • SHA512

    dceb7b240c4a5f2e85ba5af454a42c1fd10cdcdf4d30cf18894c11b243e4ecec75b2f1b629e6a536fd67789f39f00c3ca01a605d3fc21c45386366ef0fde0cd2

  • SSDEEP

    1536:GcZrDj4PbVmsGAEDOXduSB7ffztvLGrDj4PbVmsGwEDOJE:7pDjUpmPFiDB7fSDjUpmP1iJE

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d5ce7c9cfae580d897ea908b01444d0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0d5ce7c9cfae580d897ea908b01444d0_JaffaCakes118.exe"
    • Drops file in Drivers directory
    • Adds Run key to start application
    • Drops file in Windows directory
    • Suspicious use of SetWindowsHookEx
    PID:4664

Network

MITRE ATT&CK Enterprise v15
