Overview

overview

5

Static

static

3

96ee3b3c2b...18.exe

windows7-x64

5

96ee3b3c2b...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    139s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/08/2024, 17:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96ee3b3c2b8dc47aeabe06dd4abd48e6_JaffaCakes118.exe

  • Size

    368KB

  • MD5

    96ee3b3c2b8dc47aeabe06dd4abd48e6

  • SHA1

    0502499865be956c1243fc637a583253d66668bf

  • SHA256

    a97b8547a34558ca0d2f091a48f428c828fb64844f1dced0de45464e2444df1e

  • SHA512

    e27c0fb790e1671734bf6b17a6a4782f3673bd84f829482aa48fbcd0b1066a14d25884ecf175233b74adc997d69fa665ca1eccf47dd357eaac5c405035ae3b9c

  • SSDEEP

    6144:2YPEF2idZecnl20lHRxp3grQJ+rRXqf6UOForh5mIQ7AkL+Lag:1PEF3Z4mxxliaf6UJl5FQ7VL+d

Score
5/10
discovery

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\96ee3b3c2b8dc47aeabe06dd4abd48e6_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\96ee3b3c2b8dc47aeabe06dd4abd48e6_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:836

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/836-0-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB

    Download

  • memory/836-1-0x0000000000A90000-0x0000000000AE4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/836-2-0x0000000002450000-0x0000000002451000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-12-0x00000000033E0000-0x00000000033E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-11-0x00000000033F0000-0x00000000033F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-10-0x0000000002420000-0x0000000002421000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-17-0x0000000000A90000-0x0000000000AE4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/836-16-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB

    Download

  • memory/836-9-0x0000000002490000-0x0000000002491000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-8-0x0000000002460000-0x0000000002461000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-7-0x0000000002470000-0x0000000002471000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-6-0x0000000002400000-0x0000000002401000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-5-0x0000000002410000-0x0000000002411000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-4-0x0000000002480000-0x0000000002481000-memory.dmp

    Filesize

    4KB

    Download

  • memory/836-3-0x0000000002430000-0x0000000002431000-memory.dmp

    Filesize

    4KB

    Download