Overview

overview

10

Static

static

7

454b2911f0...18.exe

windows7-x64

10

454b2911f0...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/07/2024, 09:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    454b2911f01fc7390cad0e1cd0bdd7a0_JaffaCakes118.exe

  • Size

    3.5MB

  • MD5

    454b2911f01fc7390cad0e1cd0bdd7a0

  • SHA1

    2ca2c69d5c19e7ed4a67cb585de7a2e33c48d554

  • SHA256

    3b3f4bf2339aa8da609b52b4bf9d86482298261d320dcc36d3d627f1044e12ea

  • SHA512

    2eb57512b5b8fcef6bc9aa7bef11975ff1390d9679419f2c26e017787ec77badfb4d33ee2e459c44e81ac4dfca3a6056461fdfe23f9d18b403a4c0a6ea307a68

  • SSDEEP

    49152:SY78SGAcC+NurXM7A03AGtkkhvJn2NJeZuuO0FwKrThMqdVM8yrjNixsWkhM29b3:dx+2cJSGZM0Fr3dzy4xdRYPy2+XGBK/

Score
7/10
evasionthemida

Malware Config

Signatures

  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Themida packer 2 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida

Processes

  • C:\Users\Admin\AppData\Local\Temp\454b2911f01fc7390cad0e1cd0bdd7a0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\454b2911f01fc7390cad0e1cd0bdd7a0_JaffaCakes118.exe"
    1⤵
    • Identifies Wine through registry keys
    PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2812-0-0x0000000000400000-0x00000000011E3000-memory.dmp

    Filesize

    13.9MB

    Download

  • memory/2812-2-0x00000000013A0000-0x00000000013A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-1-0x0000000002FF0000-0x00000000030E9000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2812-3-0x0000000000400000-0x00000000011E3000-memory.dmp

    Filesize

    13.9MB

    Download