Analysis

  • max time kernel
    139s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19/07/2024, 13:24

General

  • Target

    5c1f138aaac593ae7674099468957f8f_JaffaCakes118.exe

  • Size

    56KB

  • MD5

    5c1f138aaac593ae7674099468957f8f

  • SHA1

    0bece3587ad30f17b8a918e9d1481e1e7bfbe6c7

  • SHA256

    18717017513d4b4cc0976e466b776bb6d251552dd2de4d34354e4f6b346f0d58

  • SHA512

    bbe244f830bd731449bd0a79a3aef162bbf7dd82eba42756cd1a9519dcaf8170b7ba11f70356a7fa0c89334a1cdc6527b1f083d9cb7f49d62bdb5becd6990089

  • SSDEEP

    768:Ll6g1Xli1GFYeIcACLPYru3DkP4rZYfzx+/7RBRQRwRsRTCJg3XWTCI:Ll6gWoFqCLPYrYkP4+bx+Tg3GTCI

Score
4/10

Signatures

  • Drops file in Windows directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5c1f138aaac593ae7674099468957f8f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5c1f138aaac593ae7674099468957f8f_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Windows\killa.bat
      2⤵
        PID:988

          Downloads

          • C:\Windows\killa.bat

            Filesize

            229B

            MD5

            48908be3f23c258afd3fa228ebd189dd

            SHA1

            aea28b75ad0d97978d375840e263e32f6926286d

            SHA256

            e9dbad32256eb03154ceb152935f7dc783b2b47e84986eaf4ae42651c5bcf48f

            SHA512

            b33d30787311828715a80f233a22bdcb3022074f9101deb14e7a8609f8636ad3ba1cb1bac3a283b88cbe5b1fb8ffa648b72bee604d078c9e53f1ad022fe8ff67