Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    10-07-2024 21:09

General

  • Target

    3664645bdf2a5e7baa01fdc419df4513_JaffaCakes118.dll

  • Size

    6KB

  • MD5

    3664645bdf2a5e7baa01fdc419df4513

  • SHA1

    0e7ba956d0250779f2b2795ebe4d5b1616c6f5a0

  • SHA256

    1f446e860c9e2407d11cd7cc919f4c13bcb28f522cfc10207970566214414957

  • SHA512

    10757dc4bbbf7165cc1b2442a1e43dd499323ab2ba1f8930bc0a95d8c49a2056207a017e8b94f18eb978b561e0223ccb78e0ed395aaa41474f7401942781a3b1

  • SSDEEP

    192:Rv0ZCVxcWDT6ixHvzX5at6J2cv2USQqNnSBkgUwuz:50OCiN7UtLcvlZo7h

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3664645bdf2a5e7baa01fdc419df4513_JaffaCakes118.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:1620
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3664645bdf2a5e7baa01fdc419df4513_JaffaCakes118.dll,#1
        PID:2096

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2096-1-0x000000002500B000-0x000000002500C000-memory.dmp

      Filesize

      4KB

    • memory/2096-0-0x0000000025000000-0x0000000025013000-memory.dmp

      Filesize

      76KB