Analysis
- max time kernel: 92s
- max time network: 127s
- platform: windows10-2004_x64
- resource: win10v2004-20240709-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 10-07-2024 21:07
Static task
static1
- 1 signatures

Behavioral task
behavioral1
- Sample: 3662e807ea568b1ef9dc9055b45b42b9_JaffaCakes118.dll
- Resource: win7-20240705-en (windows7-x64)
- 1 signatures
- 150 seconds

Behavioral task
behavioral2
- Sample: 3662e807ea568b1ef9dc9055b45b42b9_JaffaCakes118.dll
- Resource: win10v2004-20240709-en (windows10-2004-x64)
- 1 signatures
- 150 seconds
General
- Target: 3662e807ea568b1ef9dc9055b45b42b9_JaffaCakes118.dll
- Size: 5KB
- MD5: 3662e807ea568b1ef9dc9055b45b42b9
- SHA1: 215093a742b17979de53c5c244f492b456b8c3d8
- SHA256: c180003a0a85c137c5fad1bd3f36883645a46be47a481ff078ebe68512f161ad
- SHA512: ad5bed8c8b598f7b23bcf378108f489214647d4f765d4ba74fc18d49b5eee4bf9887e772882d35add9a88031ea0f7cc52abccdcf66bbf9daeb5def066f18a234
- SSDEEP: 96:ZXljzuKq1opXUbPFSlmv1r+n2RuH2AjWMXQP5++ExXkSqMcQSNIkbQdd77aF9ORC:DqoS0lu4WA65oq7QSuIoiGRYbR
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe

  description | pid | process | target process
  PID 1712 wrote to memory of 4164 | 1712 | rundll32.exe | rundll32.exe
  PID 1712 wrote to memory of 4164 | 1712 | rundll32.exe | rundll32.exe
  PID 1712 wrote to memory of 4164 | 1712 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\3662e807ea568b1ef9dc9055b45b42b9_JaffaCakes118.dll,#1
  Signature: Suspicious use of WriteProcessMemory
  PID: 1712
  - C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\3662e807ea568b1ef9dc9055b45b42b9_JaffaCakes118.dll,#1
    PID: 4164