Overview

overview

7

Static

static

3

2fd6bd508d...18.exe

windows7-x64

7

2fd6bd508d...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    09/07/2024, 09:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2fd6bd508d44bf5e2c822717eb3be2da_JaffaCakes118.exe

  • Size

    294KB

  • MD5

    2fd6bd508d44bf5e2c822717eb3be2da

  • SHA1

    0c16166e7e6039d6da3adf3f7ba3b697913705c6

  • SHA256

    47029a7c5d92602e428dbe428e969739b4ad7cfc1d546abfbc45d7b086be5f17

  • SHA512

    1d56f8f9174203d1083dec813853d5945bcfc84f760993c009c6abc125e5b1407c70d74bf0ba92d2292e74b5ba86fd321ec040fb0738b9bd68a2407084ecb9b1

  • SSDEEP

    6144:P0hsehnP8zOWy66Z6jef4EVZDDdHIxx8dGkC2VcoYAEdinrMmETMRq8:P0hs2nPeDh6YjI4E3DDexy6HLdioeq8

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2fd6bd508d44bf5e2c822717eb3be2da_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2fd6bd508d44bf5e2c822717eb3be2da_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu8F42AC38.dll
    Filesize

    266KB

    MD5

    9e6bd3807c0e249433cfcddaf3161cd9

    SHA1

    3d353198159bf6e32b9433e5f6651d0269e913e3

    SHA256

    4729e1fb04110bb04dda9e4f27d34e2818fc561669e70b14be6e10793f0260e6

    SHA512

    38170093ee8b62a850ca506d885cdc9e59c976554ed5bc329469c0ef2c601ec096ea245ab2e6fc73c49e22404a06f24707864ce449ea46647345f9695a4e233a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{020E553C-FCFE-9765-A19C-F8C30622A441}\_Setup.dll
    Filesize

    206KB

    MD5

    5e44d0cf9ceff73ff46531f7c8314ecc

    SHA1

    15d715f1250425b8d45ab8b7bd0a12b3161308da

    SHA256

    bbea73a9cb013cf7b9ef33e1f3e22b4ae21e7a8e6a5f75836ed38cf9f722608d

    SHA512

    de89d0aa9cd474713d2b9d3785ecc2b6cf9e1af938e12931f002b9cc6338cf0da0feb6371432c1cac4f460c98c233daf7ae6932fa45598eeb7b0a369a04ab555

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{020E553C-FCFE-9765-A19C-F8C30622A441}\_Setupx.dll
    Filesize

    38KB

    MD5

    5f47a5cef83ef9d60680741f52bbfe4c

    SHA1

    aa2dbae6c57a32d3061b8831e0a0146a4f13db05

    SHA256

    9a4725c58eaed1ebb024d78ad5651817f5347a4fc7c834a48c80656b1b2e110d

    SHA512

    f748c786378faa53538a78ac131c9941a0d153b8d7b1d2b8776d6338df65e2dca90dc93847e667427ee903a08aaff05cbad823e31a57bdd5b5ad8d594d4005ab

    Download Submit