Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/06/2024, 10:38

General

  • Target
    15aeb995ecf41ef0555a7123c1d98a14_JaffaCakes118.exe
  • Size
    404KB
  • MD5
    15aeb995ecf41ef0555a7123c1d98a14
  • SHA1
    edeb0b5b15baa0955ddc5bf64e76f67d75223038
  • SHA256
    f803f21a460ec5596445d324fe64b64a12d5750a0540a5dee43114ac7f200c06
  • SHA512
    5c42c0ab53c3252489cbc0291abc9f6876e2ffc9c9de7c0b1bf8b7aee9ba4fb4a9d46eca09c9ac3f92dffc5bff4d3056cb1371eac509b050a143cdf1301d61eb
  • SSDEEP
    6144:gbA/l/nBaiVAMrCJEikcX0jmH+G9vC1N7GtN9qmnIYwJSo:cA/l/BDVdrCh1X0jo+G9M7GtN9NwJ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15aeb995ecf41ef0555a7123c1d98a14_JaffaCakes118.exe (process 1, PID 1420)
    Command line: "C:\Users\Admin\AppData\Local\Temp\15aeb995ecf41ef0555a7123c1d98a14_JaffaCakes118.exe"
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • \??\c:\program files\ReAlplay\available\platforms.exe (child process 2, PID 2420)
      Command line: "c:\program files\ReAlplay\available\platforms.exe" "33201"
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx

Network

Downloads

  • \Program Files\ReAlplay\available\platforms.exe
    Filesize
    404KB
    MD5
    c482f83acb3891a61910678f30ca106b
    SHA1
    b650101272e78476699cada7a1e47e792d54a44a
    SHA256
    f17bf0ba5c86c62c85c979867ef2c0a3fc88f5793e5ebe8fe13e9fc8b685fb7c
    SHA512
    9df7a0b79ad8061350823a4d6993f7e3e8f7a6cc37d52a0cf8004c22f544c4adf8f7ba1f86ae59a74feab23d1d169d750612c8e9896f2db1a093b8cf5cc763a3