Overview

overview

7

Static

static

3

3d63058939...18.exe

windows7-x64

7

3d63058939...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    135s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/07/2024, 12:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe

  • Size

    13KB

  • MD5

    3d63058939efe6b517e4d4c07e9abd4b

  • SHA1

    705090bea99ec1ecb4245f9ffc9ffacbcc3695f8

  • SHA256

    65348b23df6f99a98793f3adb907829bbe3d304b6b09b9181ad86e13a5da5dc0

  • SHA512

    68fcd37dfbd6b8531ebcb5bd05a4297bceb7cae5d7a2a474b2e4c378b7eb6f13f0a661794ed63768bfd8beac679cb7ac52b51b309db049e1a66a091f7ea49503

  • SSDEEP

    384:PA7PFzLjZfro7IG8JbiHnkofIV13AN0YX4wbTw:PodzvZfrMceH9a1w6r

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:876
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.bat"
      2⤵
        PID:4128

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.bat
            Filesize

            307B

            MD5

            75cba84b9fa1b97c927e9d3bc0d65944

            SHA1

            879d4aa1fb3b083a2e4cab853f95cc7ddf1362fc

            SHA256

            2972c0a3483b132e8eedc12521db29b5a079c290124bec4f8838e00909a79dbd

            SHA512

            a46ebdb739c4c34fb357c26dec7f657f5c284aad19c4924b7932d8cac4deeb642b7a3f0a8b1d60501d08b87763c5da62f3caaee99fb21f94ca98a3c28aa17564

            Download Submit

          • memory/876-0-0x0000000000400000-0x000000000040B000-memory.dmp

            Filesize

            44KB

            Download

          • memory/876-1-0x00000000001D0000-0x00000000001D5000-memory.dmp

            Filesize

            20KB

            Download

          • memory/876-6-0x00000000001D0000-0x00000000001D5000-memory.dmp

            Filesize

            20KB

            Download

          • memory/876-5-0x0000000000400000-0x000000000040B000-memory.dmp

            Filesize

            44KB

            Download