Analysis

  • max time kernel
    92s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03/07/2024, 13:44

General

  • Target

    228e3635bc5373700c25668cb855278d_JaffaCakes118.dll

  • Size

    584KB

  • MD5

    228e3635bc5373700c25668cb855278d

  • SHA1

    26379d384852cd4a309aaa0f0f72ab2a45d2db62

  • SHA256

    293058e701935421c88a0a743b3c63b16910ac0f64f7ad6cd79fe13e2a698ca8

  • SHA512

    be8f3b40cfdd5411de49c5a4f97d5651738385564004103abfce99d2ebba28d70cffd262beb3f04b08617d2ccd1cad1f6472cc9bc7d93b99a1083c774997add8

  • SSDEEP

    12288:IGgOdS7noc5XN25cc0HkDSU+Qe+o9TePx9HMhB7:wwS7n3QychDSU+Q69TeJ9Hg7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\228e3635bc5373700c25668cb855278d_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3968
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\228e3635bc5373700c25668cb855278d_JaffaCakes118.dll,#1
      2⤵
        PID:3568

    Network

          MITRE ATT&CK Matrix
