Overview

overview

7

Static

static

3

65bd6ad279...18.exe

windows7-x64

7

65bd6ad279...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    23-07-2024 02:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    65bd6ad27985fc1c4719bc353ddbf6e2_JaffaCakes118.exe

  • Size

    279KB

  • MD5

    65bd6ad27985fc1c4719bc353ddbf6e2

  • SHA1

    cff06402bba5632f2079da6f2d5221104071bc77

  • SHA256

    969d59f923e69c306d8173b2b3949694f65b53b24f8a9388db12ac2f24cc8ad9

  • SHA512

    db2af435a26e8ea5cab3b055226b2a7914e49ff2b1a77cbbbb0e9f891d1f6b5720165953ab1c35265669527967103aed36acba5d2b0dd5fe8319db25646afadd

  • SSDEEP

    6144:HOg7hprjhU+z3H9MGsN60N9VxooYThNfTG5p:HOg7hBlZbdhhK9rxl

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\65bd6ad27985fc1c4719bc353ddbf6e2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\65bd6ad27985fc1c4719bc353ddbf6e2_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2392

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu-0958.dll
    Filesize

    266KB

    MD5

    92c042064317044bc612b6649d29b48b

    SHA1

    94886d93ac80fef3d2dc73ee8011781935606724

    SHA256

    0078138fbac022f9c1ddbf19a6c8abe8ccc918257c975208e405b746499be204

    SHA512

    2c4650246aea8e0c18dceaf718d634234b559a5a7c54721275f032c34508516d4d34f4858e0d52edd10a0ea878ca2235f2b973c506b2c95af7047aa05b78070c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{FE4B5AA8-1023-6F1E-59E7-141EFA67ABD5}\_Setup.dll
    Filesize

    188KB

    MD5

    cf4d6fdf9ae0a9d46be62344891b947b

    SHA1

    5099c7836701644bd8dcf6a053d658a8f4d8d983

    SHA256

    a2feab6db63a377944e604fa5abe6254602cd3e3aa5a465942a237c6493b906d

    SHA512

    501174b7451f50c1425e044f45cdac7748fc939b1eb29a6d75d8ff64f5a8831434e8c49ed981e7a7a05984bab03cc9709686352e1c1ab6484f96217496405b30

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{FE4B5AA8-1023-6F1E-59E7-141EFA67ABD5}\_Setupx.dll
    Filesize

    28KB

    MD5

    228722b118082a17ea16789d2cc38ee1

    SHA1

    4d840f5eea2a71ea27f60fb235145a683650da80

    SHA256

    591c3695f1c11acd7f2d67b449bbd10f6a72457f7a27146c26ac4d79ad5b37d2

    SHA512

    a1cb62594c03e0832b0b671f602ca45deb059a326a176b8e6d294da490f61e7972a12447c41bcbb5da163a544e9a1160043b29866383131f8e6574ee13592dc8

    Download Submit