Overview

overview

7

Static

static

7

60a65fe9ab...18.exe

windows7-x64

7

60a65fe9ab...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 13:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    60a65fe9ab426888c7bf179e98a9528a_JaffaCakes118.exe

  • Size

    101KB

  • MD5

    60a65fe9ab426888c7bf179e98a9528a

  • SHA1

    e2cb719d3b2e1f8808347167027ff5940a5536b0

  • SHA256

    f2d1914cadc21b2173a3c7965ba913655672a958f1cf1b25354d299dfe57676d

  • SHA512

    cb2019c1559f63cf11e1de2b7deb3cb6301d122c67e46eee8b024959891036b924ce5a53f2865ea4d86f5394e4563a80c7ef5869ef9dfd4b5ade387aec32ffd0

  • SSDEEP

    3072:U72aVxY/j0I3Z3Dr5DJuRlEchRA+j3zAIn:Upxwj13pDrolEyRA+j39

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\60a65fe9ab426888c7bf179e98a9528a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\60a65fe9ab426888c7bf179e98a9528a_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    PID:2680

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\mnJLh.siq
          Filesize

          73KB

          MD5

          e9157a37eb8d0879072ef2c02d2180ec

          SHA1

          df970c817a0f2a31bdc7468526a3716a7d3268b9

          SHA256

          3cff6bdb80e9cda2fc5c411d07da5484a9a1bf862d5990f7057c9cd25c915b94

          SHA512

          f0e3af02df03dd943a2e0c71031b619213d071f9849bc68b29ab544a79e85af645ef0a7ba33c17bbc39d3f9ae54df213d529b12cb34d131d50df00af126504e9

          Download Submit

        • memory/2680-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/2680-16-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download