Overview

overview

3

Static

static

3

0ead47bf7b...18.exe

windows7-x64

1

0ead47bf7b...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 16:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0ead47bf7bb064c3c116ef852fcb177f_JaffaCakes118.exe

  • Size

    64KB

  • MD5

    0ead47bf7bb064c3c116ef852fcb177f

  • SHA1

    c3d955755dc757f40cfb7502daa92f7cbbef7526

  • SHA256

    07a2825834075f27927f9f6d59d7d92bc61ba171254e42333117c132134b33b3

  • SHA512

    941e5636dd468e43b5c83fc081c193aa0ba35b3ca48da122a0fb457d11c28c4b8fa2a054fb2cc90d0ae15de2c859e23e931105b4cd62d67347362570fff09a4f

  • SSDEEP

    1536:KpBoWdHaDL1UOUcA1unifKUYJFB6LakRqM:KkWdHaDhocDGKU4fkRqM

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0ead47bf7bb064c3c116ef852fcb177f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0ead47bf7bb064c3c116ef852fcb177f_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\bt03852.bat "C:\Users\Admin\AppData\Local\Temp\0ead47bf7bb064c3c116ef852fcb177f_JaffaCakes118.exe"
      2⤵
        PID:3020

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\bt03852.bat
            Filesize

            285B

            MD5

            75badbb78d76bb5e440adddd8ede448f

            SHA1

            17e64c8b21026018a20cce68e6bfae04fb98e768

            SHA256

            047ecb107179b86f39ae6ed7d72fe39c14019c9e5e2735c00b200769b8accdb8

            SHA512

            b575251d4502a88954aecb2bb4f3ee0198ca25a3ccdedeb6b4f64423b2934ed61c737a8be1f466b8f065fa494fb3aca02b9d99210315f059114b68e122d3715e

            Download Submit

          • memory/2420-35-0x0000000000400000-0x000000000041A000-memory.dmp

            Filesize

            104KB

            Download

          • memory/2420-75-0x0000000000400000-0x000000000041A000-memory.dmp

            Filesize

            104KB

            Download

          • memory/3020-13-0x00000000021B0000-0x00000000021B1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3020-71-0x00000000021B0000-0x00000000021B1000-memory.dmp

            Filesize

            4KB

            Download