Analysis

  • max time kernel
    94s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/07/2024, 02:28

General

  • Target

    43eeb83aff2d9896701ae10b86ba6fb2_JaffaCakes118.dll

  • Size

    275KB

  • MD5

    43eeb83aff2d9896701ae10b86ba6fb2

  • SHA1

    c712c81020a5783894073e9f269b5513872bac57

  • SHA256

    757ebef7bf9dd9e5645124459014759b1e1a33c77b336c75499e87f81e3bfcd3

  • SHA512

    9aefe64f6eba7d4b563ce04ea273f98b3e2ee2561db9d86a241e2bd3f7167cf6913a3224506aecfc38123b6c664e6da89bcdbab470068bb067f2a2ead6fa0712

  • SSDEEP

    6144:yjY729zRGxd2Cua7Bn3wF8tH2KE3jKZfC1JeRGvFDEabDs84OlrtgnyNYTEPNl:P7kG/R75gFAH2KE3jKZfC1JeRGvFF482

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\43eeb83aff2d9896701ae10b86ba6fb2_JaffaCakes118.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:4664
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\43eeb83aff2d9896701ae10b86ba6fb2_JaffaCakes118.dll,#1
        PID:3748

    Network

    MITRE ATT&CK Matrix
