Overview

overview

5

Static

static

3

25d4e9421e...18.exe

windows7-x64

5

25d4e9421e...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2024 18:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    25d4e9421e2d4f95f3553eee962fe98c_JaffaCakes118.exe

  • Size

    220KB

  • MD5

    25d4e9421e2d4f95f3553eee962fe98c

  • SHA1

    10fcc4396ad82d88278a983183a7e5859711711b

  • SHA256

    9230706e4f875b46a708a978d7e74607ca593a58697219b51a88dc4c3eb9153d

  • SHA512

    44a47c61e3975dda7e413e27c95d5679b1e5ac191efa1d7ff92a419b1090b3066797baa968ef63b7b8016967e2cd45ed1fe60c542b7a8832cb7649dc7c08bb25

  • SSDEEP

    3072:bMQZ/Y+7IXdeOnlyTdZvTXZkTM1GniTPOLCo5:bRJ7j7J+M1tmx5

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\25d4e9421e2d4f95f3553eee962fe98c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\25d4e9421e2d4f95f3553eee962fe98c_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2892-0-0x0000000000400000-0x0000000000437000-memory.dmp

    Filesize

    220KB

    Download

  • memory/2892-3-0x0000000000400000-0x0000000000437000-memory.dmp

    Filesize

    220KB

    Download