Analysis
-
max time kernel
150s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
21/07/2024, 23:17
General
-
Target
61d211a26ee57d0c29a9f2dd1dcb3139_JaffaCakes118.exe
-
Size
408KB
-
MD5
61d211a26ee57d0c29a9f2dd1dcb3139
-
SHA1
ad60f8f0dc17136c3c054e362365715eb061f925
-
SHA256
2e4c16017c6f80b309aa6b498970ea41b134b22f59340dfc20ec62bf263ec45d
-
SHA512
f68ef150d08abfdad8647b8a03d673c4d1b37b457f2f0325833aaedf8813c8e806286fcb70a0a121825cd4c35ffc45747d124c1ff90addaede2dccbf5f7ef3dd
-
SSDEEP
12288:7huZnDx8SSaijL6+70GE/Amq0XirvTg93y:Ux0jjbE4mjir
Score
8/10
Malware Config
Signatures
-
Drops file in Drivers directory 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\61d211a26ee57d0c29a9f2dd1dcb3139_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\61d211a26ee57d0c29a9f2dd1dcb3139_JaffaCakes118.exe"1⤵
- Drops file in Drivers directory
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
\??\c:\program files\Realplayer\Update\indicator.exe"c:\program files\Realplayer\Update\indicator.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
408KB
MD5304d9f0054ae84b3278c5d5bfb248797
SHA12c45e9c2398e8ad127d78ab64b46f8bfca9e1234
SHA2568b7a48bbb029cc9a31c24d551e060750d5d5b6068ff22df7ccbc1e0b0a9d3c5c
SHA512bd06ab3f740e47094bf7fda22f0601ea7a3c30a9dd963bff3bce68fdc863d9365f126f3cf3320b04f0e0479cdc00f251ff575a05205e54308b33c4124f629e81