Overview

overview

10

Static

static

3

417913af1c...18.exe

windows7-x64

10

417913af1c...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    125s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2024, 11:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    417913af1cbabb5b6634201203db3041_JaffaCakes118.exe

  • Size

    242KB

  • MD5

    417913af1cbabb5b6634201203db3041

  • SHA1

    3dabc22464fd2427a8f90120392d0bdb2064935b

  • SHA256

    1c64044dd5ee934a30727dd49ee2e2ee04d5b301ac490cff62cd709387e486b5

  • SHA512

    f939cf547a0b5f1edafdd89f13b03d3a2408821e97cbae313733c9195e891c96ecec4c23c73145799c2e600774b254513b2ba11d55842ad23c86b141ae386d92

  • SSDEEP

    768:AdB+Lh3cDNQhlojZy3A5qlys0I57WgXI+TlIjq:qwIiJ0IlWl+BIjq

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:     smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    vtototest25

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\417913af1cbabb5b6634201203db3041_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\417913af1cbabb5b6634201203db3041_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2452

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2452-0-0x000007FEF5F8E000-0x000007FEF5F8F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2452-1-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-2-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-3-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-4-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-5-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-6-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-7-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-8-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2452-9-0x000007FEF5CD0000-0x000007FEF666D000-memory.dmp

          Filesize

          9.6MB

          Download