Overview

overview

7

Static

static

3

5e9af8c96d...18.exe

windows7-x64

7

5e9af8c96d...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2024, 02:00 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe

  • Size

    580KB

  • MD5

    5e9af8c96de7eb8adfebd17298b51cd1

  • SHA1

    022c2c7675ef1f7008128a99a8385d4aadae4ab0

  • SHA256

    457ff38fd9bfdcd20643855708f6074bd3f1a394d7f585582309fab22b4b549e

  • SHA512

    d7a5207793582d17e8c4b653af3e539feb70ca28a16029573941d00fdaa6950c75c0efa692dfb328c53738182e23175f3ba02cb00c489064170ee0476c8ffe3e

  • SSDEEP

    6144:lL3lSRhsodgrpLadbtDmG6oag5GvfKbtKyF01RtKAKzQ4itN5yjvuxGxPgLfV2T5:V3lSRhLgrh8q2vuN2THN+vq5vw7k

Score
7/10

Malware Config

Signatures

  • Drops startup file 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe"
    1⤵
    • Drops startup file
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2484

Network

  • flag-us
    DNS
    www.srmvx.com.br
    5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    www.srmvx.com.br
    IN A
    Response
No results found
  • 8.8.8.8:53
    www.srmvx.com.br
    dns
    5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe
    62 B
     124 B
     1
    1

    DNS Request

    www.srmvx.com.br

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2484-0-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2484-2-0x0000000000400000-0x0000000000498000-memory.dmp

    Filesize

    608KB

    Download

  • memory/2484-4-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2484-6-0x0000000000400000-0x0000000000498000-memory.dmp

    Filesize

    608KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.