5e6d336c12393eff8106381d601a1e3c78921627b8b47ad497e2d89dfbfe2274

Analysis

max time kernel
133s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
04/07/2024, 03:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe
Size

473KB
MD5

247b7f777198730f3314b231c0e1cea0
SHA1

61bb38bc398ccf7d072f1460f995620e69fc326e
SHA256

5e6d336c12393eff8106381d601a1e3c78921627b8b47ad497e2d89dfbfe2274
SHA512

21589ac6454f35cb8e2aab5562a0a975a1cfa8df77233ee8f09dd58e524f6a6729295a8d3b5a1bfa24d85b4c4e3f8b54c93db24320192c1b045eac9b6a61d72a
SSDEEP

12288:rnAJsUCgVQkiCgpcAnirLSsJm50igxB12rsv:U6pgVFo0isJsc12rs

Score

1^/10

Malware Config

Signatures

NTFS ADS 3 IoCs

description	ioc	Process
File created	C:\ProgramData\DYA_GLRWNJPTKECSRVMPL\1.0.0:$SS_DESCRIPTOR_SBXNV9VVGV1BFP6HMJ6F5L89M0XTJWH4HJRT3KXFSVF7JBCVPJGV	247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe
File created	C:\Users\Public\Desktop:$SS_DESCRIPTOR_SBXNV9VVGV1BFP6HMJ6F5L89M0XTJWH4HJRT3KXFSVF7JBCVPJGV	247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe
File created	C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFP6HMJ6F5L89M0XTJWH4HJRT3KXFSVF7JBCVPJGV	247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2272	247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\247b7f777198730f3314b231c0e1cea0_JaffaCakes118.exe"
1⤵
- NTFS ADS
- Suspicious use of SetWindowsHookEx
PID:2272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\DYA_GLRWNJPTKECSRVMPL\1.0.0\Data\app.dat

Filesize
971B

MD5
21d51d3ab7edd41e418f9704effae63d

SHA1
6334fe2116b128a8190fc7e456447eaae259e968

SHA256
99a9ed5b072c3129fe5e0af3c9aec8bddf260bfcef4f54140ca3d975dee857a5

SHA512
f2803c69c895f51f29999c1691e0032ba8f82eac071eeca83f68345625ebfd88da207d7d7c8f529f4c32dd634ff3a816137cc3127e4c003afa4eb2bb417955af

Download Submit
C:\ProgramData\DYA_GLRWNJPTKECSRVMPL\1.0.0\Data\updates.dat

Filesize
971B

MD5
3ae9df8967ff23481bbaef821334b215

SHA1
943ec9302b7c2796a625490fbf126acfae1fbbe7

SHA256
12e7c6f71ed6a25646cad6e1eb888e0998aa550ebd0c4703a462695411aaf350

SHA512
177d61ddf681263b789adddd5d3b68dd6b4e957420f536b50e09dc15b5d52826b5724bee382d38f36eea09b0250cd5a0acaccc8597d8e79d01017b725b1a3c1b

Download Submit
C:\Users\Admin\AppData\Roaming\DYA_GLRWNJPTKECSRVMPL\1.0.0\Data\dya.dat

Filesize
971B

MD5
430b93dfd70b1f480f49052d2e9a0ddb

SHA1
96275a7aaf0014d8f8994c350fed4033d14684ea

SHA256
30a1c2e5c55983f54acbde3ce5d0acca3e5085bf9ead6709c67f79535df062f1

SHA512
1c9846523cd9505e1e0fede19744871de9ee5a31dbc07274311bc2a10bdf2f8e2487ec7e9d0694f5218edc979dae6af15d2f519c90ca3e84890a211b470ccfe7

Download Submit
memory/2272-0-0x0000000000400000-0x00000000004A8920-memory.dmp

Filesize
674KB

Download
memory/2272-1-0x0000000000407000-0x00000000004A4000-memory.dmp

Filesize
628KB

Download
memory/2272-43-0x0000000000400000-0x00000000004A8920-memory.dmp

Filesize
674KB

Download
memory/2272-44-0x0000000000400000-0x00000000004A8920-memory.dmp

Filesize
674KB

Download
memory/2272-46-0x0000000000400000-0x00000000004A8920-memory.dmp

Filesize
674KB

Download
memory/2272-50-0x0000000000400000-0x00000000004A8920-memory.dmp

Filesize
674KB

Download
memory/2272-49-0x0000000000407000-0x00000000004A4000-memory.dmp

Filesize
628KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads