Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/08/2024, 15:56 UTC

General

  • Target

    86b4544e09d55ab5b001bf15489c0afc_JaffaCakes118.exe

  • Size

    7KB

  • MD5

    86b4544e09d55ab5b001bf15489c0afc

  • SHA1

    3f1de52e278b13379fad5ec8aec7bd5c2caca5c1

  • SHA256

    57523108153d6aa7a439c745ba8bf50f01aa9c40c7867e75e3599e3575dd8199

  • SHA512

    59141da234cdd47cd159a3cd563b640ae1c6c345e16c55cd9fe0cbada4f39e2cc0ea73c6d5fd62243cd555a35cfc522d3aef3535d241e9f705534720e8233928

  • SSDEEP

    96:LkoG6kHWjs8F7TssS61vF5cE2TYlnlYJnLeL0Kff345Clv1r5RXmm68ajF:Lljs8NvS61wV2nlYJLeLTg4zn6T

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86b4544e09d55ab5b001bf15489c0afc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\86b4544e09d55ab5b001bf15489c0afc_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2568
    • C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe
      dw20.exe -x -s 408
      2⤵
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2496

Network

MITRE ATT&CK Matrix


Downloads

  • memory/2496-2-0x0000000000460000-0x0000000000461000-memory.dmp

    Filesize

    4KB

  • memory/2568-0-0x000007FEF648E000-0x000007FEF648F000-memory.dmp

    Filesize

    4KB

  • memory/2568-1-0x000007FEF61D0000-0x000007FEF6B6D000-memory.dmp

    Filesize

    9.6MB

  • memory/2568-3-0x000007FEF648E000-0x000007FEF648F000-memory.dmp

    Filesize

    4KB

  • memory/2568-4-0x000007FEF61D0000-0x000007FEF6B6D000-memory.dmp

    Filesize

    9.6MB
