Overview

overview

7

Static

static

3

267540d7ac...18.exe

windows7-x64

7

267540d7ac...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-07-2024 22:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    267540d7ac9ebc6be78ad284352176e0_JaffaCakes118.exe

  • Size

    628KB

  • MD5

    267540d7ac9ebc6be78ad284352176e0

  • SHA1

    21ccf1a4d1e40066db2550843c71eadf1dbb16ee

  • SHA256

    7e048efc28c21c640949476fd60e501c0e0b41f94d137b4cb0d2731cf145fd2d

  • SHA512

    5424c91cc11768c2928f0006450b084ee6e8aba36333c4da831751c673fda51cdf617c651e54f5cafc9713554db337ed9734e734393f0ee6726ef25a87f013e2

  • SSDEEP

    12288:Qh8Do4oKfiiGeiwqnyM6Kb2eO48ZPlD7uXtBVt218rQ:Qh8CKfi1wqnyMvnMlo2mrQ

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\267540d7ac9ebc6be78ad284352176e0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\267540d7ac9ebc6be78ad284352176e0_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
    Filesize

    1.1MB

    MD5

    cf46bb62a1ba559ceb0fad7a5d642f28

    SHA1

    80b63dd193e84bfacbe535587dd38471b8ea2c24

    SHA256

    fe4bba1a99b332c8bbd196d3a2f3c78d9edc8f212842ff2efef17eba38427f67

    SHA512

    1f71f31fdc1ef7695d7a6e79218a9192804178bb2af80486de4f8ff3d7e176860813a61fa265bf78fe4ff722a85b72798938d715d8a2a034ac759505197a1058

    Download Submit

  • memory/4904-0-0x0000000000400000-0x000000000040C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/4904-6-0x0000000000400000-0x000000000040C000-memory.dmp

    Filesize

    48KB

    Download