Overview

overview

6

Static

static

3

168e1872eb...18.exe

windows7-x64

6

168e1872eb...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    27/06/2024, 15:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    168e1872ebb849d6523ca24c3a48019a_JaffaCakes118.exe

  • Size

    495KB

  • MD5

    168e1872ebb849d6523ca24c3a48019a

  • SHA1

    4083773dd337dde4fe95596e30c401bb5c4ccf31

  • SHA256

    860c9426ec428f9e1b4b0c5f4ecafbcd777c54b57712a2a11c306054623f3684

  • SHA512

    3a7425d550b7d83613e0dc17f5264eb993b7232b66effd8d508d1131369089fcf0c76b858277e203a42bcbe4b255a9494f8722420379552a1747d29ab8c7c7c9

  • SSDEEP

    6144:irPFRI6zSZ8DTtx1HhDF2idZecnl20lHRxp3gTncduD7yB9VCO6Sco4q8+dE6Cqx:iTFRnzSexThF3Z4mxxgDqVTVOC

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in System32 directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\168e1872ebb849d6523ca24c3a48019a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\168e1872ebb849d6523ca24c3a48019a_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious behavior: EnumeratesProcesses
    PID:1180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1180-0-0x0000000000400000-0x00000000004C9000-memory.dmp

    Filesize

    804KB

    Download

  • memory/1180-1-0x0000000000390000-0x00000000003E4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/1180-4-0x0000000000560000-0x0000000000561000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-12-0x0000000003230000-0x0000000003232000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1180-11-0x0000000003240000-0x0000000003241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-10-0x0000000000500000-0x0000000000501000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-9-0x0000000000570000-0x0000000000571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-8-0x0000000000540000-0x0000000000541000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-7-0x0000000000550000-0x0000000000551000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-6-0x00000000004E0000-0x00000000004E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-5-0x00000000004F0000-0x00000000004F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-3-0x0000000000510000-0x0000000000511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-2-0x0000000000530000-0x0000000000531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-17-0x0000000003250000-0x0000000003251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-16-0x0000000003260000-0x0000000003261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-15-0x0000000003270000-0x0000000003271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-14-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-13-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-18-0x0000000003290000-0x0000000003291000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-19-0x0000000003280000-0x0000000003281000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-22-0x00000000032C0000-0x00000000032C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1180-23-0x0000000000400000-0x00000000004C9000-memory.dmp

    Filesize

    804KB

    Download

  • memory/1180-25-0x0000000000390000-0x00000000003E4000-memory.dmp

    Filesize

    336KB

    Download