Analysis
-
max time kernel
133s -
max time network
128s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
28/06/2024, 10:54
General
-
Target
19db46641ec71bd1baaa1a44f02568de_JaffaCakes118.dll
-
Size
51KB
-
MD5
19db46641ec71bd1baaa1a44f02568de
-
SHA1
8248d0f631425f3745dcb320c237930316c68c51
-
SHA256
7cd6c63cff6ba8dad2ab7d4a56f50dce32bd45415c4557d4cf568253b2542162
-
SHA512
474b0904a75b1c00c15497e3325b33e72c8a03ceb86725927786db65f76919a3b4ce42ba2380304ee32bd1778ac398264d877c417f58fc1248fe705aee205896
-
SSDEEP
768:nbY4lwAiYRtQn1M11I7TAjk7qj70tME2VyCc4HAsBsbJztt6KcoRAm69Q:EGTnQ1M8oPjXNncyH23mohMQ
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\19db46641ec71bd1baaa1a44f02568de_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\19db46641ec71bd1baaa1a44f02568de_JaffaCakes118.dll,#12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4300,i,11749492925348081608,8895412282206755658,262144 --variations-seed-version --mojo-platform-channel-handle=1288 /prefetch:81⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
52KB