Analysis

  • max time kernel
    140s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/08/2024, 09:16 UTC

General

  • Target

    89cfc05cc569216d7054d0053f5736e2_JaffaCakes118.exe

  • Size

    358KB

  • MD5

    89cfc05cc569216d7054d0053f5736e2

  • SHA1

    24fc7e299a989f287324478cb46e46726747fa86

  • SHA256

    6f7af4372e3ebc6cdd9714c7ab0a401edb188d031672bb3c1f89474b36d44dc5

  • SHA512

    9984fe3502756af518a7fa86f701e36ed53c24e4def8b05daa2324d267c764dbfbe5cb6d6ce1550682ee3b3ffbb97169a0f25d2e2989af0919065df8981816c5

  • SSDEEP

    6144:Ul8KWs/bWq+nR6xtEstSlckJ4OUSccLU4968TI+RjoSfc:Ul837cCHJrccvZPRjoSfc

Score
7/10

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\89cfc05cc569216d7054d0053f5736e2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\89cfc05cc569216d7054d0053f5736e2_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2368

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\GetRightToGo\89cfc05cc569216d7054d0053f5736e2_JaffaCakes118.data

    Filesize

    1KB

    MD5

    362b90fe527b53b94677ae743341616b

    SHA1

    b6f7ae068fb58f7482c4c1cc8be6f7eadb8d828d

    SHA256

    140f96d745c06780c939185c8c5d384fcf2df61d0b406462a40456c063e5d22e

    SHA512

    0cf87f0864db605e66670cc6c8d3e5c33a36700795ef4f265ea997d7ac0a5953b643d2004c527032ff05cef3b81cdb0d9f2a84a14730834f3a45301a821ebdac

  • memory/2368-0-0x0000000000400000-0x000000000050C000-memory.dmp

    Filesize

    1.0MB

  • memory/2368-11-0x0000000000400000-0x000000000050C000-memory.dmp

    Filesize

    1.0MB
