Overview

overview

3

Static

static

3

39d2c75050...18.dll

windows7-x64

1

39d2c75050...18.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    98s
  • max time network
    99s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2024, 16:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    39d2c75050a929ac6e9f6efd759fd7c6_JaffaCakes118.dll

  • Size

    758KB

  • MD5

    39d2c75050a929ac6e9f6efd759fd7c6

  • SHA1

    1c15cbb7ebb46df50a742d029f492ae3ee3695e4

  • SHA256

    e8f06d5cb550af23c21948c1e79a5f142fb46cc13d8355d4a20f8b9110371e94

  • SHA512

    548de8877d9faaa09b2545b5bd7c5ddc1dcd6d5fe7d33e2b27eb6ec270c2a6e80f8b24695c4f62ad5f4cc9d157e80068f916b883dc4dfb08f15cd01c9b844165

  • SSDEEP

    192:w7ClDrb3lHuC3smUVzgEKAxiILpLtFQOEvR3kiCgdgPpHcKXWXUbd+QbK6T:w7CZsC3sJXxi6N6dq9cKBbg6T

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\39d2c75050a929ac6e9f6efd759fd7c6_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3640
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\39d2c75050a929ac6e9f6efd759fd7c6_JaffaCakes118.dll,#1
      2⤵
        PID:3768

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3768-0-0x0000000020000000-0x0000000020009000-memory.dmp

      Filesize

      36KB

      Download