Overview

overview

7

Static

static

3

45ac4a421b...18.exe

windows7-x64

7

45ac4a421b...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2024, 11:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    45ac4a421b1178fea2dc4998b227e188_JaffaCakes118.exe

  • Size

    613KB

  • MD5

    45ac4a421b1178fea2dc4998b227e188

  • SHA1

    19a2007e051a63914d66fb44dd0548a27cc545d9

  • SHA256

    6268c6be67c5aa2ddfdfe7402464db02597527a6c2aff9f0507f07827d69cfe5

  • SHA512

    d616e2cfbc863a2e824a30a4994a2cf6c5e4295b8f68edfa479cafbcb879edb2b39b946578502d88072674b8c6b6b16ba61528ad1027b566f39e9e0ed12d156e

  • SSDEEP

    12288:UZfh72VKNXHMFf/V1nUS0XEg5SGhAxv0yXkPu09llizdiJXFB6bYrZ7P:W7uKNXsFfHUBJIGPE6llizdyzpt7P

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\45ac4a421b1178fea2dc4998b227e188_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\45ac4a421b1178fea2dc4998b227e188_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1604

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1604-3-0x0000000075961000-0x0000000075962000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1604-2-0x0000000077020000-0x0000000077021000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1604-1-0x0000000000260000-0x00000000002AD000-memory.dmp

          Filesize

          308KB

          Download

        • memory/1604-0-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1604-4-0x0000000075950000-0x0000000075A60000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/1604-5-0x0000000000400000-0x000000000051D000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/1604-8-0x0000000000400000-0x000000000051D000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/1604-9-0x0000000075950000-0x0000000075A60000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/1604-10-0x0000000000260000-0x00000000002AD000-memory.dmp

          Filesize

          308KB

          Download