Overview

overview

7

Static

static

3

0da003b9fe...18.exe

windows7-x64

7

0da003b9fe...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    25-06-2024 09:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0da003b9fe696ee3185ea20f63bf0842_JaffaCakes118.exe

  • Size

    282KB

  • MD5

    0da003b9fe696ee3185ea20f63bf0842

  • SHA1

    d77ea7e8ec070abc063398d84780c297dc1855df

  • SHA256

    9d0979dd632ec8bdbbc0d9d8ba26cba67e92241dae810902b3e6e92cb7279d66

  • SHA512

    dfd6dacf363e0e6bcb864737706e359611c37c7f1106a3124ce79b660e2285a7939146b76f2eac5bae77d2db8c7f2bcba0eb70f60ba8aabf0f3105177efe1a7b

  • SSDEEP

    6144:cEKTUVXxexXry6MGdXOA6CFeC5MHf9+IiAWfqU5OmBROK2X1JF9U73bc7dL6Iy7Q:cEiWX4BG6jewfMf9EAWiUpiMuLbK45

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0da003b9fe696ee3185ea20f63bf0842_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0da003b9fe696ee3185ea20f63bf0842_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu-04AC.dll
    Filesize

    249KB

    MD5

    adb647de203421001356defee6fa3dab

    SHA1

    393278ddf756d236be35779666066c544acc7458

    SHA256

    c96807e91b41cbf4db5d3a97cc68662df344912f310b738b045501ac2c9eb5fd

    SHA512

    62024663db7af728ada8f73772c30d9ac9ec3486f0b1cd04c918d3ef3aa09d696c3dc063611b7fb6b661b0acc875f1cbd0ec73f9caab4cbdae83f652f294e821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{23165B67-8AF3-6342-81A9-C2D1F8F57991}\_Setup.dll
    Filesize

    169KB

    MD5

    595458696f906577db8f3ff737609aae

    SHA1

    aa3a6e42ce0219a27f956ba3cf6197051da5d84f

    SHA256

    cf46cc397954a6be26a3dc94d2370c00f175231c897be060d53c465cc06bab81

    SHA512

    f23721550d02acda9b2429309e52b5a2675eb760b9c36ab4473636bf6f8d9c1835fedc44d45cf8adb7848879c4fabe45d09937903cbd9718caa287c1ed4eb648

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{23165B67-8AF3-6342-81A9-C2D1F8F57991}\_Setupx.dll
    Filesize

    22KB

    MD5

    d60016e0c131f41b19004fdedd805d86

    SHA1

    3504f9fb4e7fa0a4705d658c879f6862f60946e5

    SHA256

    b5135a0209978e9b88f77ae4e3567d8ab8f241bb6f3723c68f998d247cb01952

    SHA512

    398444d4befe6816e7029d6df8637ba5ad2a3060012386c9d199249507cd160abc11f46b7257bd1f1c87178802dc66552d3b02d5bb3e4730f0c429451a111573

    Download Submit