Overview

overview

7

Static

static

1

2d4b94069c...18.exe

windows7-x64

7

2d4b94069c...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2024, 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.exe

  • Size

    6.8MB

  • MD5

    2d4b94069cfa0460d772324893eb91ab

  • SHA1

    0d98cdd4a34aa057ca1d085d953f913203845a6c

  • SHA256

    a7c73709065d7890ec7cd20f3d90272b2ef15405940565865bb14915b4057682

  • SHA512

    6e1af37e0eb813fe1773f9a018b8de8f8784b9382c4d8ed079e2d5edf9423fe37c4c2ac9bf190c20e707bb15216f2805ec19f406c4cfd28893a8b80ef3c92631

  • SSDEEP

    98304:8HbwEWnktAaNAIrM3twuKDvyv4hHix9S4KxnMu+jjBDIrV2vMG5iS+Bg5To66fWB:4b2pa+FtaFhinS4CMu+jUSMG5i9gq66a

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4796
    • C:\Users\Admin\AppData\Local\Temp\is-LHKUU.tmp\2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-LHKUU.tmp\2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.tmp" /SL5="$7029E,6698464,140800,C:\Users\Admin\AppData\Local\Temp\2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.exe"
      2⤵
      • Executes dropped EXE
      PID:2736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-LHKUU.tmp\2d4b94069cfa0460d772324893eb91ab_JaffaCakes118.tmp
    Filesize

    1.1MB

    MD5

    b277e6ac242fcbc37f4d03e1528949c1

    SHA1

    2602407044a6bad216d3856eaf8fb990e0f1094f

    SHA256

    9461ae8a13a57c0d8490916dc1e1bb20cb0c171b9852d0846a03c4c4d212f204

    SHA512

    80d8b934ff63e4a7df3dabb9e6435c2d5ea542624b238be8a27b53c63be8dc244d46d4d9db1950b6d67d91dde12f3d819e7e4453536595d6385c65d2c6bbf5f7

    Download Submit

  • memory/2736-7-0x0000000000400000-0x0000000000526000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2736-15-0x0000000000400000-0x0000000000526000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/4796-0-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download

  • memory/4796-2-0x0000000000401000-0x0000000000417000-memory.dmp

    Filesize

    88KB

    Download

  • memory/4796-14-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download