Overview

overview

7

Static

static

7

654141744e...18.exe

windows7-x64

7

654141744e...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2024, 23:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    654141744eaeb197de2fcea953a1867d_JaffaCakes118.exe

  • Size

    26KB

  • MD5

    654141744eaeb197de2fcea953a1867d

  • SHA1

    1805d5a17000729a7105439712f5156222158849

  • SHA256

    659cdf98994a74b7dddd0ce7b5f60de3752feb9d2cb31b35e490081cd5cbb759

  • SHA512

    efa6020925393766daafa247dcc20878ba09465ca78cba3b7b329c8c817cd4ceeaefeb438d07899990d1a5db27bb2e8777e9c4b0fc49ab61c99e7becabd067d8

  • SSDEEP

    384:sLAOdrB/SGClLprs+xeUcdb3hkSAhtG73m966NN+KJU2Dq9O6MHglXf/+8L:sLASB/8b3o/3hkSAh7TNNNJU22s6dhfr

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\654141744eaeb197de2fcea953a1867d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\654141744eaeb197de2fcea953a1867d_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CPWGameRecord.dll
    Filesize

    35KB

    MD5

    b3b9957e7a458e4d4834097894b78aa0

    SHA1

    1d7127ca61ad24089554ab1702a17facfa842bf4

    SHA256

    a0afc23e87b8b102e19df9c36d67181d8981c096de54f98e2ff337420f69a1c2

    SHA512

    09b1d2acffaeeab613b1a47d5c37908afd09599cd9a81422b0b69d4eda928cb91fa998bfe61ed2e170341ee318cd46707222618d7bc8b95ab8cb8f8ae2efaf24

    Download Submit

  • memory/3180-0-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3180-6-0x00000000006C0000-0x00000000006D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3180-9-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3180-10-0x00000000006C0000-0x00000000006D2000-memory.dmp

    Filesize

    72KB

    Download