Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-06-2024 10:09

General

  • Target

    0dab8b5a1e31d4ab57fb7a95f9ca961f_JaffaCakes118.exe

  • Size

    1004KB

  • MD5

    0dab8b5a1e31d4ab57fb7a95f9ca961f

  • SHA1

    f032f8c74f968939416c482908c0ff280686f403

  • SHA256

    9667cb68897be57871e7a55f870ff45ae14c33b6d96cd5407acb979f2f0c67ca

  • SHA512

    5244a7bd7222d9c188658efd53bf4166eafec1eb81069ee3011d22cf8e3c1b1ea3cf8453fd31c2e3c79bc921f8bf323f15f52727330181413d710be3063d6aa6

  • SSDEEP

    24576:b7cBEQrL8Iqhu3lo23NcgBo+A437wdVuyYUpDqQsKNv/gTJVk:/cBEQ/K4lo2NrrqVu8puQss

Score
7/10

Malware Config

Signatures

  • Identifies Wine through registry keys (2 TTPs, 1 IoCs)

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Processes

  • C:\Users\Admin\AppData\Local\Temp\0dab8b5a1e31d4ab57fb7a95f9ca961f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0dab8b5a1e31d4ab57fb7a95f9ca961f_JaffaCakes118.exe"
    • Identifies Wine through registry keys
    PID:432

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/432-0-0x0000000000400000-0x00000000004FE000-memory.dmp

    Filesize

    1016KB

  • memory/432-1-0x0000000000400000-0x00000000004FE000-memory.dmp

    Filesize

    1016KB