Overview

overview

7

Static

static

7

17146e7e49...18.exe

windows7-x64

7

17146e7e49...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-06-2024 18:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    17146e7e49d3853340f4baaab866bc52_JaffaCakes118.exe

  • Size

    422KB

  • MD5

    17146e7e49d3853340f4baaab866bc52

  • SHA1

    12354f244b2d71b2e158a0ed9ba691fba0b04f62

  • SHA256

    dab13261b198dbc5b593338baeafd275d72436a748e8eec0ac322102c08deb51

  • SHA512

    865e577187bbf80853955fae1ed26bdfcda721898af562ce4423abc0254f3bf240b63960346efd5b8441ba22e616e5ce0da59a0761a4fdd7d48aa6e5f33ef213

  • SSDEEP

    12288:nzfZxFMZBxll33QYeFLXStaeHE1uH633aLh9nm8r:nzfZxFG/TMXSpHE1faLhlm8r

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\17146e7e49d3853340f4baaab866bc52_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\17146e7e49d3853340f4baaab866bc52_JaffaCakes118.exe"
    1⤵
      PID:4028
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3644 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:1880

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4028-0-0x0000000000400000-0x0000000000557000-memory.dmp

        Filesize

        1.3MB

        Download

      • memory/4028-1-0x0000000000400000-0x0000000000557000-memory.dmp

        Filesize

        1.3MB

        Download