Analysis

  • max time kernel
    95s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-07-2024 00:55

General

  • Target

    32af4db8c4df66fcbf4f587be33c4bbb_JaffaCakes118.dll

  • Size

    346KB

  • MD5

    32af4db8c4df66fcbf4f587be33c4bbb

  • SHA1

    f23f2c79af6296091d807ed82a4f4a48b7653c4e

  • SHA256

    b4cf2d352e37150afeb6b2e8aade964144a1689776b54e114590eaefce62ab5e

  • SHA512

    12979ba5665b7b4a8f76fdc871735ec28d35afefec6c38b5dffe3e24ff47f9208bbe1f79090ab01d659dab3ee9b939672d41fde5bca6a765689b541d2400681b

  • SSDEEP

    3072:T82jpiC2JG7HZb7XWQml/jz8A4diTE90Q6kF4CKAYRkcj:w2L7HN7Kl/jLA90QECrYRpj

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\32af4db8c4df66fcbf4f587be33c4bbb_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1348
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\32af4db8c4df66fcbf4f587be33c4bbb_JaffaCakes118.dll,#1
      2⤵
        PID:3816

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads