Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13-07-2024 17:56

General

  • Target

    42bd4d8e7ad5733a90c565a59542a055_JaffaCakes118.dll

  • Size

    330KB

  • MD5

    42bd4d8e7ad5733a90c565a59542a055

  • SHA1

    de69bec51221d85c3b94f2c7de987d605f27a3b4

  • SHA256

    381217b4633c3d0de04c00b27563147140de057c72fb772a7371a03dcf235467

  • SHA512

    090709414e7674158ab7ae6a99162464db72f250a595cda7b9cfa083908e40d90ffefad0196ae4084822ab678e9007539485952521b1d8e4d030bdc180192dea

  • SSDEEP

    3072:URq1sFAd2gQ5PmBvNZwnnq1gn2RvoXiDzAYgrO1v2F5j81qc:Gq1sFAwgwmBv3wnIgG4oAYxvU54gc

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\42bd4d8e7ad5733a90c565a59542a055_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\42bd4d8e7ad5733a90c565a59542a055_JaffaCakes118.dll,#1
      2⤵
        PID:2620

Network

MITRE ATT&CK Matrix
