Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09/07/2024, 15:43 UTC

General

  • Target

    30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe

  • Size

    488KB

  • MD5

    30f9a7f5ad79432f6b31b9098e49e26a

  • SHA1

    1a8d4c1b331c3bd75e1547c83e5add34fe3dbc01

  • SHA256

    13cdc0fa0530ad7439a810510995d90d9bb0bb42946601f06f60e8743e9b1ca1

  • SHA512

    c48490083ee70fd1384e4fdc9d7fa30e5bafe89e8e1c4d8807a12382c261ee0c513984c76eb5884d0a3bb696cf284af965860f4ac1dd578714acf08491497733

  • SSDEEP

    12288:WLOZVQQxfnr+TK7r79/loLWeFcPRLEljM5aLD:W4VQQxfnr+TK7r79/loBF2R+jM5aLD

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    PID:5004

Network

  • DNS lookup
    Host: cck48.meibu.com
    Process: 30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe
    Remote address: 8.8.8.8:53
    Request: cck48.meibu.com IN A
    Response: cck48.meibu.com IN A 20.210.205.20

  • 20.210.205.20:8786 (cck48.meibu.com)
    Process: 30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe
    Traffic: 260 B, 5 packets (the direction of the bytes and packets is not recorded in this view)

  • 8.8.8.8:53 (cck48.meibu.com, DNS)
    Process: 30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe
    Sent: 61 B, 1 packet
    Received: 77 B, 1 packet
    DNS Request: cck48.meibu.com
    DNS Response: 20.210.205.20
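The report above gives a defender three things to act on: the "Adds Run key" persistence signature from the Processes section, the DNS lookup for cck48.meibu.com, and the follow-on connection to 20.210.205.20:8786. The Python below is an added example, not part of the sandbox report or of the analysed sample, that turns those into matching rules and runs them over constructed Sysmon-style events (event IDs 1, 3, 13 and 22 are Sysmon's process-create, network-connect, registry-value-set and DNS-query events). Only the hashes, the domain and the IP:port come from the report; the event records, the Run value name "Updater" and the benign noise events are made up for the example, and the Run-key rule is a generic behavioural check for ATT&CK T1547.001 rather than the sandbox's own signature logic.

```python
"""Match the sandbox report's indicators against Sysmon-style telemetry.

Added example: the detection rules and the sample events are constructed for
illustration and are not part of the report or the analysed sample. Only the
hashes, the domain and the IP:port come from the report.
"""
import re
from dataclasses import dataclass
from typing import Dict, List

# --- Indicators taken from the report -------------------------------------
IOC_HASHES = {
    "md5": "30f9a7f5ad79432f6b31b9098e49e26a",
    "sha1": "1a8d4c1b331c3bd75e1547c83e5add34fe3dbc01",
    "sha256": "13cdc0fa0530ad7439a810510995d90d9bb0bb42946601f06f60e8743e9b1ca1",
}
IOC_DOMAINS = {"cck48.meibu.com"}
# The resolved address can change; treat the IP:port as a time-bound indicator.
IOC_ENDPOINTS = {("20.210.205.20", 8786)}

# --- Behavioural rule for the "Adds Run key" signature (ATT&CK T1547.001) ---
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# A Run value pointing into a user-writable temp/AppData path is the usual tell.
USER_WRITABLE_RE = re.compile(r"\\AppData\\(Local|Roaming)\\|\\Temp\\", re.I)


@dataclass
class Hit:
    rule: str
    event_id: int
    detail: str


def check_event(ev: Dict[str, str]) -> List[Hit]:
    """Return one Hit per rule the event trips (Sysmon event IDs assumed)."""
    hits: List[Hit] = []
    eid = int(ev["EventID"])
    if eid == 1:  # process creation; Hashes="MD5=..,SHA256=.." as Sysmon logs it
        matched = []
        for item in ev.get("Hashes", "").split(","):
            algo, _, value = item.partition("=")
            if IOC_HASHES.get(algo.strip().lower()) == value.strip().lower():
                matched.append(algo.strip())
        if matched:
            hits.append(Hit("known-sample-hash", eid, ",".join(matched)))
    elif eid == 13:  # registry value set
        target, details = ev.get("TargetObject", ""), ev.get("Details", "")
        if RUN_KEY_RE.search(target) and USER_WRITABLE_RE.search(details):
            hits.append(Hit("run-key-to-user-writable-path", eid, f"{target} -> {details}"))
    elif eid == 22:  # DNS query
        qname = ev.get("QueryName", "").rstrip(".").lower()
        if qname in IOC_DOMAINS:
            hits.append(Hit("known-c2-domain", eid, qname))
    elif eid == 3:  # network connection
        endpoint = (ev.get("DestinationIp", ""), int(ev.get("DestinationPort", "0")))
        if endpoint in IOC_ENDPOINTS:
            hits.append(Hit("known-c2-endpoint", eid, "%s:%d" % endpoint))
    return hits


def scan(events: List[Dict[str, str]]) -> List[Hit]:
    """Run every rule over every event and return the hits in event order."""
    return [hit for ev in events for hit in check_event(ev)]


# --- Constructed telemetry mirroring the report's process tree (hypothetical) ---
SAMPLE_PATH = r"C:\Users\Admin\AppData\Local\Temp\30f9a7f5ad79432f6b31b9098e49e26a_JaffaCakes118.exe"
SAMPLE_EVENTS = [
    {"EventID": "1", "Image": SAMPLE_PATH,
     "Hashes": "MD5=30F9A7F5AD79432F6B31B9098E49E26A,"
               "SHA256=13CDC0FA0530AD7439A810510995D90D9BB0BB42946601F06F60E8743E9B1CA1"},
    # Value name "Updater" is made up; the report does not show which value was written.
    {"EventID": "13", "Image": SAMPLE_PATH,
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": SAMPLE_PATH},
    {"EventID": "22", "Image": SAMPLE_PATH, "QueryName": "cck48.meibu.com",
     "QueryResults": "20.210.205.20;"},
    {"EventID": "3", "Image": SAMPLE_PATH, "DestinationIp": "20.210.205.20",
     "DestinationPort": "8786"},
    # Benign noise that must not fire: a Run value under Program Files, an unrelated lookup.
    {"EventID": "13", "Image": r"C:\Program Files\Microsoft OneDrive\OneDriveSetup.exe",
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive",
     "Details": r"C:\Program Files\Microsoft OneDrive\OneDrive.exe"},
    {"EventID": "22", "Image": r"C:\Windows\System32\svchost.exe",
     "QueryName": "www.msftconnecttest.com"},
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"[{hit.rule}] event {hit.event_id}: {hit.detail}")
```

Run as a script to print the hits. The four rules cover different lifetimes: the hash rule stops matching the moment the sample is repacked, the Run-key rule is behavioural and survives that, the domain rule is the durable network indicator, and the IP:port rule is only as good as the current dynamic resolution. In a real pipeline the events come from Sysmon via the Windows Event Log or an EDR export rather than the inline list.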

MITRE ATT&CK Enterprise v15
