b012f1db744f5e1ce4c2fb11625e9b23ab32f7828b4be5daeeb37f3a77fb514e

Analysis

max time kernel
7s
max time network
121s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
25/07/2024, 14:24

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
Size

81KB
MD5

6ff3a81015189397ce2d0afdd3250f1d
SHA1

0159a6d23e60f46e62304a8f1ba1133ae12b9bf5
SHA256

b012f1db744f5e1ce4c2fb11625e9b23ab32f7828b4be5daeeb37f3a77fb514e
SHA512

10134d4e7678cc390d1d217c8087db9a17007b4988e8d6739f6c4e42d017d804eb66baeb92a093deacee76461723fb8881b470fa7c9212440b968512b1d736b5
SSDEEP

1536:larO2R3XZVPlF31n1TClFvLLcAGJn+yRJCPDzCBgLg1ZKa:lV2BZVPlFlnxClFvLLcA+sPDzABCa

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 17 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Doom 3 + serial.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\DAoC + cheat.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Doom 3_codes.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\Quake3 trainer.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\UT2004(cheat).exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\Sims 2 + cdfix.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Sims 2 + cdfix.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\UT2004(cheat).exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\BattleField 1942_crack.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\Doom 3 + cdfix.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Doom 3 + cdfix.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Quake3 trainer.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\UT2004(trainer).exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\UT2004(trainer).exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\DAoC + cheat.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\Doom 3_codes.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
File created	C:\Windows\win32dc\Silent Hill 4 + nocd.exe	6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\6ff3a81015189397ce2d0afdd3250f1d_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:2516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Sims 2 + cdfix.exe

Filesize
85KB

MD5
37f5fa75e67f0f3db0d0e5bf887becdb

SHA1
c82e43adab0684a594076f0d2b97ece341c95d9a

SHA256
592c2a93043d274b52ffda59718eef950aa767ba4fb536d8911a4dbd7d5e3c63

SHA512
722e5b5a714a710afe9c40adfc4ba96493519f0373933ddb5fae725f3157e3f0b289ba446921c879a2f1e5394b519ff3dea2070b76d7c1110817dbe18511b603

Download Submit
memory/2516-16-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads