Overview

overview

7

Static

static

3

35718bf70a...18.exe

windows7-x64

7

35718bf70a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 16:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    35718bf70a7bc7d31cdb8964771c2eed_JaffaCakes118.exe

  • Size

    176KB

  • MD5

    35718bf70a7bc7d31cdb8964771c2eed

  • SHA1

    ace977ec995d5d747a5ee899716f5e2c974d1f5e

  • SHA256

    19cd83118d1c796130bd7b4e6f11c461f377bad45003ce5f7dfc91548f4d4d03

  • SHA512

    7529ef6e4141be29e0b58865d0dad616b27d6a49c1d5ef6f9ab176fe63fa483ad4619b8dca51911b56abdf78149fd9073c939d8bd49e8bb8dda71d75edd2a122

  • SSDEEP

    3072:cHbeIHRkpr9k/r8uAPjnSCNWk++rz768Ons/QQ/ajn3bIcuARNW/71L3ZhSKMniX:c9+R+j8x+ELQn9bbVTA/71LGKMnri

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\35718bf70a7bc7d31cdb8964771c2eed_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\35718bf70a7bc7d31cdb8964771c2eed_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\DD1084EA\_Setup.dll
    Filesize

    84KB

    MD5

    10c125562fc2e1178361e0714218950f

    SHA1

    4be2076a4b709f405b9031b8ebeeff4c6282f6a0

    SHA256

    d17c8743b34aaee4468d07cac285d10d492f13ce84de8281c64c88622a869658

    SHA512

    40089ad6241d321d270b80c83fc4e565510d16ee3d98fd28e3afd38a4def8b207dc03b61135c2bd39350ef72411fd316a9331fc49854369f062a4078e472dbea

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Tsu-0AC0.dll
    Filesize

    241KB

    MD5

    fe2cb631009af3990d127bab061d1a8b

    SHA1

    7540e9f085b48fc6c58b979f78faaaf0c002f11b

    SHA256

    558130195a488f1a62d5b6bea65d078defc29c102a1e1cd0cf09818fd94f57b5

    SHA512

    c7e99221f41e68df06a2b5799ae9b99f6b2499f108dd97b5ef66aa45a7490a0bc6c943ae0c27166e56c613365bd9de6a5fd4336316f9d3ce968877c149451bed

    Download Submit