Overview

overview

6

Static

static

3

434686b234...18.exe

windows7-x64

6

434686b234...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2024, 20:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    434686b234fab2eacab6d6ef4b8e622b_JaffaCakes118.exe

  • Size

    261KB

  • MD5

    434686b234fab2eacab6d6ef4b8e622b

  • SHA1

    4a91afebc2a1f894c6c5b3a11fab88c448f6f88d

  • SHA256

    b74a7a7498a554c299e0381981bc70fdf1e53011f867014c1cd701f6b4da0112

  • SHA512

    58d3369f2eb1723de78b68e990e2a60f8298ec33306437dead9b2a0fe6644869e47b0a29c019ddf5a5b8c206d120411483c84992b00348a7bb892514bcbd3603

  • SSDEEP

    3072:VWMoTLbAyxLnX2aKidNy/MQKI3adATsHSRh+gnTchZNQsnOGT0RJiyDyCjntuFjK:GdGkHKdRhTIG3hDyCj8Fy5nd

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\434686b234fab2eacab6d6ef4b8e622b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\434686b234fab2eacab6d6ef4b8e622b_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:1300

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1300-0-0x0000000000400000-0x0000000000447000-memory.dmp

          Filesize

          284KB

          Download