Analysis

  • max time kernel
    92s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/07/2024, 12:06

General

  • Target

    34a5e9553a21c678b7fce371adca1189_JaffaCakes118.exe

  • Size

    261KB

  • MD5

    34a5e9553a21c678b7fce371adca1189

  • SHA1

    41e957798e20bb7bd8b95819eaad6d35b755a8b4

  • SHA256

    fb47f05c2089fc5a0a0c2332c71159bd1f0980ea160e552013b1fba3d289a9e7

  • SHA512

    ad3eb76696cff8970e4cdebe6ce7b2be92e0fa0cfc67856ae5bc8b135b74f7df588b8784885d1145a631cb21b095b43a0dc6ca2c90308db4ddd1b30a7f939e7d

  • SSDEEP

    3072:WWMoTLbAyxLnX2aKidNy/MQKI3adATsHSRh+gnTchZNQsnOGT0RJiyDyCjntuFj5:RdGkHKdRhTIG3hDyCj8FyaBd

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\34a5e9553a21c678b7fce371adca1189_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\34a5e9553a21c678b7fce371adca1189_JaffaCakes118.exe"
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:2204

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2204-0-0x0000000000400000-0x0000000000447000-memory.dmp

    Filesize

    284KB