Overview

overview

7

Static

static

7

38568734fb...18.exe

windows7-x64

7

38568734fb...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 08:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    38568734fb5057a6e65916768d17e10f_JaffaCakes118.exe

  • Size

    54KB

  • MD5

    38568734fb5057a6e65916768d17e10f

  • SHA1

    89b3b562d7603e292018835cd168ccb49b5079bd

  • SHA256

    1502b0e6db311fbe5df110b813b086b5391011a055bbd395e42f043d3d15ca9e

  • SHA512

    e17088c818f9efaae337febd01541d238b7685d33477eb7101812f82ccfa68d2e87a9e4424188ed406178e64f9d53b142fb3d2de9b3a7768eed2855f86de3124

  • SSDEEP

    1536:XDEY2Z3bvPcYhhHbeV71weIikBFfAiwsCS:XDEpbvPcYvHb2hwdr3D

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\38568734fb5057a6e65916768d17e10f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\38568734fb5057a6e65916768d17e10f_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    PID:2360
  • C:\Windows\SysWOW64\ATASecSvc.exe
    C:\Windows\SysWOW64\ATASecSvc.exe -start
    1⤵
    • Executes dropped EXE
    PID:3036

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\ATASecSvc.exe
          Filesize

          54KB

          MD5

          38568734fb5057a6e65916768d17e10f

          SHA1

          89b3b562d7603e292018835cd168ccb49b5079bd

          SHA256

          1502b0e6db311fbe5df110b813b086b5391011a055bbd395e42f043d3d15ca9e

          SHA512

          e17088c818f9efaae337febd01541d238b7685d33477eb7101812f82ccfa68d2e87a9e4424188ed406178e64f9d53b142fb3d2de9b3a7768eed2855f86de3124

          Download Submit

        • memory/2360-0-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download

        • memory/2360-5-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download

        • memory/3036-6-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download