Overview

overview

7

Static

static

7

37f4c7de93...18.exe

windows7-x64

7

37f4c7de93...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    95s
  • max time network
    99s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-07-2024 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    37f4c7de9373707cadba33edd4f0bb72_JaffaCakes118.exe

  • Size

    385KB

  • MD5

    37f4c7de9373707cadba33edd4f0bb72

  • SHA1

    e020da174d4e969cc00d2a11b3d88b28d35d4ede

  • SHA256

    5aaaec10839ba65562e421724f14597483261d23b469355869de479f5e2a7661

  • SHA512

    0333462140acbcd04b31f32fab77c9ca0443955ebb09e8b8651b268e6b103534f8fbb994bcc13475d82f6c8536a2d464ce1b5e19a06ee3fd4b9e535026d9e273

  • SSDEEP

    6144:sFWULSRFLqBjpsV5c0tQkrX2IV5pU/Gp3df1wy76MjsCrIDOo9qrdO4pO1:EWhFL8jpsAQQIX2I7pUuD1wgjst6mKO

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\37f4c7de9373707cadba33edd4f0bb72_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\37f4c7de9373707cadba33edd4f0bb72_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of WriteProcessMemory
    PID:4260
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\$$30689.bat
      2⤵
        PID:3700

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\$$30689.bat
      Filesize

      181B

      MD5

      cfe814b75aea6847171cc50f22a74a19

      SHA1

      e4dd1d5bd51674862326672b07aa3bfc8ac950d1

      SHA256

      2b918a8e920fba033502d9409ddb5e051ce8591506d8fa3dbf0cfd5bbc051100

      SHA512

      a6878ca90f1a4aeb031be2e153a5e17b9e3a95fd03cd1c81ad8e4b919b946a2f118e70bcf4901064b97039e8f60a372a85d039a15dfc69a51956bd43f647f541

      Download Submit

    • memory/4260-0-0x0000000000700000-0x0000000000701000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4260-1-0x0000000013140000-0x0000000013235000-memory.dmp

      Filesize

      980KB

      Download

    • memory/4260-4-0x0000000013140000-0x0000000013235000-memory.dmp

      Filesize

      980KB

      Download