Overview

overview

7

Static

static

3

3bddb1c738...18.exe

windows7-x64

7

3bddb1c738...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-07-2024 03:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3bddb1c73858cb5076caa8d0142cf423_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    3bddb1c73858cb5076caa8d0142cf423

  • SHA1

    10317742d826304598d4b0890ec62e1e099644c7

  • SHA256

    9fcc782177a0a7ea30d7e983b612aeb1fa85a99bd76f5cb86293f717693dcc5d

  • SHA512

    e348625c45ff096850a9f17f9f851ffbd37769e146cfc2a9e192a3f32e3ca0b6a446a8c0bc3a67e67f9480adb287abcd5383e3786e1769ff65ed68bc9885ee89

  • SSDEEP

    24576:AheBzj9EYw4Y1tXDUXOexuzAiT3vvNBYxkPcYiT30nZSenza3CWF1gSc5:2eB+31tXD2FoNnfYx9930nRzwCyjs

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3bddb1c73858cb5076caa8d0142cf423_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3bddb1c73858cb5076caa8d0142cf423_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4644
    • C:\Users\Admin\AppData\Local\Temp\temp\e578c52.exe
      C:\Users\Admin\AppData\Local\Temp\temp\e578c52.exe 240618593
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:1944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_N4\iext3.fne
    Filesize

    368KB

    MD5

    a843c0e34738f334c1957c41f9fbdb4f

    SHA1

    53d74ac991e663d9c5376ee8ed1fa907af8e0a13

    SHA256

    9b55846c6068b3cd772c0958be054b64c535a014cd7b343e1dc492646cbc370a

    SHA512

    932e736af86d5c2658e5d76b007ae501bcf621315279e85808265249ff5a9d6e5f65f329db4a9349fb6290669e87a4a95b4f100939347f1f98896ae9631923ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
    Filesize

    1.1MB

    MD5

    ed6eead90947249fd91f8a80d2a72cac

    SHA1

    8b063687368ee939bb142ab940dd2ed4cb472846

    SHA256

    c0e5a049675a09762ae18b8f44b152147a6c4d74ef6b5b630488d03760a8b3c8

    SHA512

    1a8f8cd90289fa32eace97e28376636747064213362c824a686e8326e4ce81f7957ce9c3abae976b988493168fd377ff4e8d66bd16370d4a4d5c0b0d71c9c408

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_N4\mp3.run
    Filesize

    188KB

    MD5

    23084dbbb8b8c7f44f05267b51384b6a

    SHA1

    a2c747c4dbfa666ff0ea1e328948975df8cf1453

    SHA256

    3a4bb79bbcbef0df3b5a94373ef867bffda167c2369b65bb1c5aeca4563361ab

    SHA512

    50e5dd50baa4c2b9ac8d9809124c0bfeeb29f3e286f0aa77ce254d2ab89f7eb4650dcfcafcf69b3da7a415a935f505de7a10b4d3b6c5630302e66d7cf7544edd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_N4\spec.fne
    Filesize

    72KB

    MD5

    9e2f4a9b8aba621fbb57ad99652c1fc0

    SHA1

    4af8f2622001b6a287f8462df3d013c67c4ea056

    SHA256

    f353dcae5a4d2f216872fb06b7547d8cf040f63a08f98a1d9f2b6a499168732a

    SHA512

    41635e1a0f4c9da4ba11381389f96533d0e009688df6e422f205936e4e5c52fdb9990ba66d9dfe9c3f5e608c98c770c970253278ea7425abc4a29b17ff1f3edd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\temp\e578c52.exe
    Filesize

    1.3MB

    MD5

    3bddb1c73858cb5076caa8d0142cf423

    SHA1

    10317742d826304598d4b0890ec62e1e099644c7

    SHA256

    9fcc782177a0a7ea30d7e983b612aeb1fa85a99bd76f5cb86293f717693dcc5d

    SHA512

    e348625c45ff096850a9f17f9f851ffbd37769e146cfc2a9e192a3f32e3ca0b6a446a8c0bc3a67e67f9480adb287abcd5383e3786e1769ff65ed68bc9885ee89

    Download Submit

  • memory/1944-22-0x0000000010000000-0x000000001011D000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1944-21-0x0000000000400000-0x0000000000456000-memory.dmp

    Filesize

    344KB

    Download

  • memory/1944-30-0x00000000022E0000-0x000000000234C000-memory.dmp

    Filesize

    432KB

    Download

  • memory/4644-0-0x0000000000400000-0x0000000000456000-memory.dmp

    Filesize

    344KB

    Download

  • memory/4644-8-0x0000000010000000-0x000000001011D000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/4644-29-0x0000000010000000-0x000000001011D000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/4644-28-0x0000000000400000-0x0000000000456000-memory.dmp

    Filesize

    344KB

    Download