Overview

overview

1

Static

static

1

5f80484e39...18.dll

windows7-x64

1

5f80484e39...18.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/07/2024, 07:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5f80484e39f9137ad09effa9a66bde97_JaffaCakes118.dll

  • Size

    41KB

  • MD5

    5f80484e39f9137ad09effa9a66bde97

  • SHA1

    31fbff0fd0beac218cc82ea2af4cc56bac488175

  • SHA256

    2ec49256b14f16ea5e9d7cfe413e7a9ef8072a745aa031862b88bdaee7ba3e53

  • SHA512

    6c9c62ce889e03943070ac0ad46433ace126d87cd77632bf458967be702fbf944c4612c6aa5cce5912bd29e0bf4392e77f62bd9914f18d535e6cce1e718cd853

  • SSDEEP

    768:2vnelLFjLNe/qB46qsm6m68glmrSLHA3v45xWbJQ2MWAOzXv3uhN2:2feZFNepum6Lrv5xYQ2MGCE

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5f80484e39f9137ad09effa9a66bde97_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3524
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5f80484e39f9137ad09effa9a66bde97_JaffaCakes118.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2640-2-0x00000000012D0000-0x00000000012D8000-memory.dmp

          Filesize

          32KB

          Download

        • memory/2640-1-0x00000000011B0000-0x00000000011BF000-memory.dmp

          Filesize

          60KB

          Download

        • memory/2640-0-0x00000000011A0000-0x00000000011A8000-memory.dmp

          Filesize

          32KB

          Download

        • memory/2640-3-0x0000000077B12000-0x0000000077B13000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2640-4-0x0000000001340000-0x0000000001341000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2640-5-0x00000000012D0000-0x00000000012D8000-memory.dmp

          Filesize

          32KB

          Download

        • memory/2640-6-0x00000000012D0000-0x00000000012D8000-memory.dmp

          Filesize

          32KB

          Download

        • memory/2640-7-0x00000000012E0000-0x000000000137D000-memory.dmp

          Filesize

          628KB

          Download

        • memory/2640-8-0x0000000000CD0000-0x0000000000CE4000-memory.dmp

          Filesize

          80KB

          Download

        • memory/2640-11-0x00000000012E0000-0x000000000137D000-memory.dmp

          Filesize

          628KB

          Download

        • memory/2640-12-0x00000000012E0000-0x000000000137D000-memory.dmp

          Filesize

          628KB

          Download

        • memory/2640-13-0x00000000012E0000-0x000000000137D000-memory.dmp

          Filesize

          628KB

          Download