Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    06-07-2024 08:03

General

  • Target

    27d4c94b7279c672e9870ea55fb5b21c_JaffaCakes118.exe

  • Size

    1.8MB

  • MD5

    27d4c94b7279c672e9870ea55fb5b21c

  • SHA1

    7c614b59ff2aa463c96ed0ccec0a56e9ec269c8e

  • SHA256

    7c2eaadd704b55f8e6c92a9e76f5b7673ad73eebc944661edef179915adb042e

  • SHA512

    9a7b2b087c0240c4766de5a7cea2e654a793d5e103e82e36ea9cd8cb21dc06cf7f5cd06007e4f398db5c565515d63c4dd7c9eebf24c03f813074a190e5867dcf

  • SSDEEP

    24576:6M7I2rS3x5knA8127zBzXRjkVtXw6kypEGRKWqKYRjkVtXw6kypEGRKW:6vh5eqVzxItXw2yVxKWItXw2yV

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: LoadsDriver 4 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27d4c94b7279c672e9870ea55fb5b21c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\27d4c94b7279c672e9870ea55fb5b21c_JaffaCakes118.exe"
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1632

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\WaterDll.dll

    Filesize

    28KB

    MD5

    0f4961aed07e20131d6369f4d8728739

    SHA1

    09a96cacc41d7a154786792f1987209f79af6c3b

    SHA256

    a0171cd614647883b50437fae1c2bcacba348593678b86dbb7ccd190f3e5e864

    SHA512

    53ef42489058de3c6645f462b43e33ff95c141ab2a67e1fe180a1ea6cdf53baecd50414d708f90d20972526f3925ca1a5c041a70f13b1984fe8779ba576e2de3