Overview

overview

7

Static

static

3

19677c8fc0...18.exe

windows7-x64

7

19677c8fc0...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 08:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118.exe

  • Size

    4.6MB

  • MD5

    19677c8fc089e1b9dbc091cd3c2a434e

  • SHA1

    ce298cada5f5f4027fedbf2e9f47ada84477116c

  • SHA256

    646c76a53ac0a8de7300e0c8ad8e55b0d2eb727395553cd8e5512e065e630d2f

  • SHA512

    b4b62435de4aa327ea04f5d2f8af9164e1465973acfa4b3eaade9f3aa948854b1037b351e9767d97a0698e16eb4e4c7f5d8b2089162e3a690e24c90dc745ebfc

  • SSDEEP

    49152:QrwrvdfLgyjRQxYQoGS9zJTI9i+iiAghm4MfPkwk6DlfX+KWF4evK+NZf8iCNcxm:oEUYB+ii/w1swk6D8KuTPz19cSCwC

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\19677c8fc089e1b9dbc091cd3c2a434e_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1452
    • C:\Users\Admin\AppData\Local\Temp\MGS1D12.tmp
      C:\Users\Admin\AppData\Local\Temp\MGS1D12.tmp
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2264

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\GLC1E98.tmp
          Filesize

          161KB

          MD5

          09e59d00df5d2effd8dd9b30385cb9d2

          SHA1

          0fa0d3f6692f31fdabefb719b0f7a28cbf5d5415

          SHA256

          1c574eab5e83ccfe5a0bb7b59e028cc5fa2f4e77868051e305d83c709711ff77

          SHA512

          d73e3832777341a4176dbd9988002ec94a32f162492e869a8c03d9bb10f1833821f99e15710e9fc103a2820c862cf14a0b990d7c7c09150bb14618a7c93ca5fd

          Download Submit

        • \Users\Admin\AppData\Local\Temp\MGS1D12.tmp
          Filesize

          4.6MB

          MD5

          68e82cb3e640d39ebfb32c79feac3a55

          SHA1

          f526b9b448c55b400739e8f7320e9f911f6a55d2

          SHA256

          2d8cfd7cf8123ba67eb45145d2ccad35780d47cdc96c0546c8500be436905419

          SHA512

          257662f05b2015328828d219771b0f0a412be83577fc64f849d923a4dbad1a9b34d6fac67e59f51133340bb6c51905f0576256d61284e7e45cd1024c2d7ba7fe

          Download Submit