Overview

overview

7

Static

static

7

46e230bee4...18.exe

windows7-x64

7

46e230bee4...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2024, 17:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    46e230bee4094c98d29229524a531bef_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    46e230bee4094c98d29229524a531bef

  • SHA1

    7eab2f3749d9d0f929a6455eba72d85c5a88f474

  • SHA256

    594b6fb7a7c4489d81117c1e253565d7332467dce7de05ec7e8600310f6af049

  • SHA512

    c41b8f587cd30a26376f5e75017bcfe2330c31d7e8cd04d7928e6f040e68794f9b1bf4b83249fdfff3f80932d4a54c1975da4cb9035898fa254a45de1505b3c0

  • SSDEEP

    24576:jUKtl5/5i9BnNJPzhOcj3X/UOvbcBFVni0zz6dS7CDh/bOlDebV9:xl5B0BnNJYcj/UO4BVzCV/u4

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\46e230bee4094c98d29229524a531bef_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\46e230bee4094c98d29229524a531bef_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2432

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\E_4\iext.fnr
    Filesize

    212KB

    MD5

    c5e61845363e55904042c2d05b50c3a7

    SHA1

    bb84d635b50847d42209cebee04cbe0e573cd225

    SHA256

    a3f6cd16b8abc8fb00a977b2132951c7f9bb4de8e67235b8e1056a0174dce7de

    SHA512

    e4166d0eb82a1dee48f0e93b0a1a3acfa3282ae5c09f9feb732ad3af4fea08e19a81bf114ebdd5ac7b65393bf2f26c7945a7be7112e823db9378d8559f8c71fd

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_4\krnln.fnr
    Filesize

    1.0MB

    MD5

    2796b4702a9d620975cfbfb63736eb3b

    SHA1

    1af4a009f852b4bcaec3f9a392a69b49ed417a98

    SHA256

    d1c946b9639d3688837defbff4e68ad466be8b60e84414aaa34d50c748ee69d1

    SHA512

    e3399a313eb0b16189c04d36d9ca1e5de5b00d27b7934cc7c70c3d571a1c7c7638119bf2fe7eb94be7060b4874fd0dd21c39ec88d8e3749f01f4d6e842d4edf2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_4\xplib.fne
    Filesize

    72KB

    MD5

    42ac8b48bf08f3e82d2b847585eafdf0

    SHA1

    fcf8b07a7ec0870cd5dfae111738fc3d15204168

    SHA256

    163454828ed88c76217fae1df482989425121c70764ce6a829b799f087405d57

    SHA512

    8523621295ba4e7b06ad82871c76d02bc01df94365c47893efb80b9236ca8f29bf6001051e3d72192c8fee2bc76ffaea607f37f5f2a4f7d6ea7ac96d6e9bf681

    Download Submit

  • memory/2432-5-0x0000000000400000-0x0000000000550000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/2432-14-0x0000000000390000-0x00000000003D3000-memory.dmp

    Filesize

    268KB

    Download

  • memory/2432-18-0x00000000003E0000-0x00000000003F2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2432-24-0x0000000000400000-0x0000000000550000-memory.dmp

    Filesize

    1.3MB

    Download