Overview

overview

7

Static

static

7

6187cdc4f5...18.exe

windows7-x64

7

6187cdc4f5...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21-07-2024 21:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6187cdc4f5d16676fa46f77f9cd97200_JaffaCakes118.exe

  • Size

    11KB

  • MD5

    6187cdc4f5d16676fa46f77f9cd97200

  • SHA1

    103ee92b272f2f4277976d3efc2cbf6a24ea73b3

  • SHA256

    eadedd4bdec7c7f4d92f37e1ade8453ef03346ec4a2ce017fb7c392326f736dd

  • SHA512

    8b4b86e35db752ba8f75324b5e85f1e3e2b004d68f4a86433ddf8d271d13dc35fd43e58986986a706f2ccfdb45e919dc0e9188410000d2d37c8d515723f1fac3

  • SSDEEP

    192:wxezzfj7CxUjwXw7frmqzWbz3gpEDCvgVp1ZUFqei7BhUoF:wxIj2AwkCqzWbzsvgjbiqeYtF

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6187cdc4f5d16676fa46f77f9cd97200_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\6187cdc4f5d16676fa46f77f9cd97200_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\bodll.dat
    Filesize

    13KB

    MD5

    8ff1b3e6c9f9e0f1a68dc93f8593d7dd

    SHA1

    e16cd301b36a05ecc53d7c3231697ed1d946e736

    SHA256

    be9586672db6117b9e4e18145b4b8d92434ba42d9fb43f133fbf86baf1cf6390

    SHA512

    7515f258511e5916c00e0172141a2f240b8372d2c18a007a4768c7db4f03124007d56bc6e400b8c0b3d8401f64d15f4474e77a089a43f1b16fd3853673830e41

    Download Submit

  • memory/900-0-0x0000000000400000-0x000000000040C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/900-6-0x0000000000400000-0x000000000040C000-memory.dmp

    Filesize

    48KB

    Download