Overview

overview

7

Static

static

7

70535f2fa0...18.exe

windows7-x64

5

70535f2fa0...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    25/07/2024, 16:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    70535f2fa0b341a7ea6f007ee0d5f720_JaffaCakes118.exe

  • Size

    834KB

  • MD5

    70535f2fa0b341a7ea6f007ee0d5f720

  • SHA1

    dedec30653009f23ac506a37a742d1df46067519

  • SHA256

    026b7cfbd6bdbc2c453824b7a8c22146d9b742af5bbdb02f617098b5e70a371a

  • SHA512

    35273b346d0d3a07f3d7350438e4c19f2d96e72b96f6672c6afe2d167318e410a6144e92ee32abf0196caa2516ac1eb5dfb3c21af0010521051635ff0b87ee72

  • SSDEEP

    12288:R0RZ9xEXl9hMGcN4yjITR4xzqqpEmTp/Ji4vxIqa5ixgtC+iV+j/t1Abqj61AIvB:CoV9hPgjDqqpHo+1C/tN+

Score
5/10
discovery

Malware Config

Signatures

  • Drops file in System32 directory 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\70535f2fa0b341a7ea6f007ee0d5f720_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\70535f2fa0b341a7ea6f007ee0d5f720_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    PID:348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\oamLXVTTg.dll
    Filesize

    532B

    MD5

    8f3632a3e12d0234edcd2cd630e636df

    SHA1

    8b0c1b6141cb7c17912e5740921adaa720474789

    SHA256

    db75ccc370da372e710cd5e7de4c86bfac89da58312a470458a6d5f5bb850d2a

    SHA512

    8234cf21588675ab22f56aa87e0f85a52c8aec62ebb45e172511de756867750aaee569f8680164edd29dd177e3d42bc5c4df58065eaae00978ad5beee34fbe7f

    Download Submit

  • memory/348-0-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/348-30-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-32-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-34-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-35-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-37-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-39-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-41-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/348-44-0x0000000000400000-0x00000000006C2000-memory.dmp

    Filesize

    2.8MB

    Download