Overview

overview

7

Static

static

7

43b6d65741...18.exe

windows7-x64

7

43b6d65741...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    98s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-07-2024 23:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    43b6d65741b852ec777b37b352311d01_JaffaCakes118.exe

  • Size

    24KB

  • MD5

    43b6d65741b852ec777b37b352311d01

  • SHA1

    604424f42b8ad51b4d3e53cd15c40ad7a90a68f7

  • SHA256

    9e4f3dc59efc1ecc7799f00b8897b0aa927de350c493cfa5d34c7d81f28d3ba3

  • SHA512

    a7a05de4eddf854b7ba43b2f331d21231241a2d6181039f42608416ad5fa6e2d30cb2a411cd5296d7f0e2c36738cd80318953e666093267cea7a14ab4ce3d1dc

  • SSDEEP

    384:HuLIPJ0sXhggiWC6anYWEHI8Syx6mTROMV2YiTKrW5hOPLGmlgjweJ72Pey8b:HFPasXmgZC6rHI3BmeKrKhOPLG4g7J53

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\43b6d65741b852ec777b37b352311d01_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\43b6d65741b852ec777b37b352311d01_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:5016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CPWGameRecord.dll
    Filesize

    33KB

    MD5

    13b38fd9f549c6811d29cf6660377b66

    SHA1

    7fb7789cc8438a258f3ee7cef3ef783afbfd52f7

    SHA256

    dad774b98c2e6e5aa258f631d136a04502210d50ee208bbd7d4bf6c5f3385d1a

    SHA512

    c03c8ddeb4d6a8294c4195c85db58173d895d9c6b8546349236d16c536d87b8797d1e85a698e7c09cb656774200ad088804231e2ed4db136af546ea387446d72

    Download Submit

  • memory/5016-0-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/5016-6-0x0000000000AD0000-0x0000000000AE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/5016-9-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/5016-10-0x0000000000AD0000-0x0000000000AE1000-memory.dmp

    Filesize

    68KB

    Download