Overview

overview

7

Static

static

3

30e501eed6...18.exe

windows7-x64

7

30e501eed6...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/07/2024, 15:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    30e501eed6b29c41cb2475757a8bf87c_JaffaCakes118.exe

  • Size

    130KB

  • MD5

    30e501eed6b29c41cb2475757a8bf87c

  • SHA1

    0bc717fbf2d118e4b4aa475baeac70d016d540c7

  • SHA256

    da8edf46525bc31aa9217249526fc0ed9890f425927b4a52b8d0ae130faa10d9

  • SHA512

    134645d7a9cb577dee5cbf67653a230ae235eff98ad9d20a89038cce7a316ef7e2f6608c815325b5a55b65f9d454456dc07927c9b8c68fe3c94e849909385237

  • SSDEEP

    3072:BzrE+joI3z87lmpiMS9EC2MCfSpL2tTSYGcN6E/MEUufOe4:B/E+joI3cmpi5mMWgBYX/nUufv

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30e501eed6b29c41cb2475757a8bf87c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\30e501eed6b29c41cb2475757a8bf87c_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:3032

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\s32kcp.dll
          Filesize

          24KB

          MD5

          d9ea52d19a203cd964263272315a71d8

          SHA1

          5aa90f154e5bb01351523e97d37fb20e69ee7b6e

          SHA256

          ca34b8abaa6ef2e5c334bf1e3b6c40113daa85d292a4979ff485d0e39380864d

          SHA512

          d67e6fa33fd80147aff518c982eb8ae255b06d13a5be08ddc264eb00b6563e5e8efb00c08cf5b31e738b13a2d3faf78fa3d97ed3fded15dbce1ad050bf9081e7

          Download Submit

        • memory/3032-0-0x0000000000400000-0x0000000000437000-memory.dmp

          Filesize

          220KB

          Download

        • memory/3032-7-0x0000000010000000-0x0000000010017000-memory.dmp

          Filesize

          92KB

          Download

        • memory/3032-9-0x0000000000400000-0x0000000000437000-memory.dmp

          Filesize

          220KB

          Download

        • memory/3032-10-0x0000000010000000-0x0000000010017000-memory.dmp

          Filesize

          92KB

          Download