Overview

overview

7

Static

static

3

497bb44ec0...18.exe

windows7-x64

7

497bb44ec0...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 10:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    497bb44ec01f6b61f8ce55abf166db4b_JaffaCakes118.exe

  • Size

    145KB

  • MD5

    497bb44ec01f6b61f8ce55abf166db4b

  • SHA1

    08f95e40749ad127f34858a65756ea7346405762

  • SHA256

    37d10879b0c43354e775c5bc72fd029eabe9152dae00c56a1a1cb69b6aad12e1

  • SHA512

    bf6aeee89a40a135f9142af2291b5f1b8ce13fb2b12d5af7a225287ea8700d6a0193de0cf3ff183dd161454e4cd0d7857151f9c77af3ae4d3f10714d1be4ae82

  • SSDEEP

    3072:3RD4IrIOVzXt2tewivWvhvZ1DxEeKOx0V1myi4toeiRClG9pKj5XWCwS6e8i:3l4NOVzkgwivWvhvjI11oeiRClG9pKjD

Score
7/10
adwarestealerupx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Installs/modifies Browser Helper Object 2 TTPs 1 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies registry class 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\497bb44ec01f6b61f8ce55abf166db4b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\497bb44ec01f6b61f8ce55abf166db4b_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Installs/modifies Browser Helper Object
    • Modifies Internet Explorer settings
    • Modifies registry class
    PID:2500

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\ProgramData\dxg.dll
          Filesize

          119KB

          MD5

          e02d9fb868a496c06b6e7e5e3ded7ed3

          SHA1

          7f1a14455378242d9ef23912a3cfb88bc5abb9fe

          SHA256

          c5578dd8ac7b1375160680e9ea7a58f35825dc54ded89d54dab083be40d6e210

          SHA512

          da5f3c9a2fa040e93d50d99c2aeec382e4b1fd08a191dcf56b73a2fc9639a397532febd1920b97546bb7aa16adb0f7a52971c96b10cd51fad035f74cfcb40c10

          Download Submit

        • memory/2500-7-0x00000000002A0000-0x00000000002C3000-memory.dmp

          Filesize

          140KB

          Download

        • memory/2500-11-0x0000000000390000-0x00000000003D0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2500-15-0x0000000000390000-0x00000000003D0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2500-14-0x0000000000390000-0x00000000003D0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2500-16-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2500-17-0x00000000002A0000-0x00000000002C3000-memory.dmp

          Filesize

          140KB

          Download