Overview

overview

7

Static

static

3

95eb5e244c...18.exe

windows7-x64

7

95eb5e244c...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 11:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    95eb5e244cdc362a2bb26036d1db133a_JaffaCakes118.exe

  • Size

    100KB

  • MD5

    95eb5e244cdc362a2bb26036d1db133a

  • SHA1

    2f0208f3befdb95f11c22b8c62227f9a6aa23aef

  • SHA256

    c34f47a54af4dd6f6fdb43bf55116ade47bdec3985388824f674c64ac84bbbc8

  • SHA512

    851817f4e268ac94610eff0ef3eedd35b11a3d93e01cba0437b4d86f7d81f8b9b5887acce30bcc47eb9182641851b63dc068522ee4b5ad4c5c1f056c097d7b45

  • SSDEEP

    1536:xvg/g+mt3NzvW5xhdQsNToTSZC9SD55r99vn5QQNK+IzvJMfX:xo/g+mjv+HTsSySHPK+9

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\95eb5e244cdc362a2bb26036d1db133a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\95eb5e244cdc362a2bb26036d1db133a_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Users\Admin\AppData\Local\Temp\file1.exe
      file1.exe
      2⤵
      • Executes dropped EXE
      PID:1452

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\file1.exe
          Filesize

          9KB

          MD5

          7f56a683a20bfbec5a28d25cea9dbb13

          SHA1

          e214ea944561199e9fb6f8a019c982b3abca99a8

          SHA256

          7877c38bade4a5e8fa4ed52c57c7bc9f60053db31e89deadf383b0b0779c2ed5

          SHA512

          f388024bfae0317b4bbf057221c660b4a64bfd8c5f4b6a7ba41827b21f935a3cc3f794481d3dbf493958b047cff164dce041b80298d8219a6c1201043ba91597

          Download Submit

        • memory/2692-0-0x000007FEF624E000-0x000007FEF624F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2692-1-0x000007FEF5F90000-0x000007FEF692D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2692-2-0x000007FEF5F90000-0x000007FEF692D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2692-10-0x000007FEF5F90000-0x000007FEF692D000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2692-11-0x000007FEF5F90000-0x000007FEF692D000-memory.dmp

          Filesize

          9.6MB

          Download