Analysis

  • max time kernel
    137s
  • max time network
    106s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64
    arch:x86
    image:win10v2004-20240802-en
    locale:en-us
    os:windows10-2004-x64
    system
  • submitted
    20-08-2024 13:42

General

  • Target

    af74a0a06718e94519bc478fa9b408a2_JaffaCakes118.dll

  • Size

    320KB

  • MD5

    af74a0a06718e94519bc478fa9b408a2

  • SHA1

    59077acfdb77bd657803e35e8d8f9cc9352ba6e4

  • SHA256

    9a17e30456e9d1652556a43d4328651ef3c3b607d6cb6b84fbf10d548f086d91

  • SHA512

    37b90a1d156d4b818c4fe18135045ecf05b02fcf493a100cffb449b27ca38c2bcb46c733d3c7b68c6456ca8486c8fd391f7e5d33bbd26332b41196f9170cfa04

  • SSDEEP

    6144:OcqOC3gGQ1bIIoPBtTM0CYOS3e8UtOETN2uAhI+Eow:OcC3cbloT40ClS3e3tOG4ulow

Malware Config

Signatures

  • Installs/modifies Browser Helper Object 2 TTPs 1 IoCs

    BHOs are DLL modules that act as plug-ins for Internet Explorer and are loaded into the browser process on start, so registering one is a persistence mechanism.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 56 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe (PID 2436)
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\af74a0a06718e94519bc478fa9b408a2_JaffaCakes118.dll
    • Suspicious use of WriteProcessMemory
    • C:\Windows\SysWOW64\regsvr32.exe (PID 4592, child of 2436)
      /s C:\Users\Admin\AppData\Local\Temp\af74a0a06718e94519bc478fa9b408a2_JaffaCakes118.dll
      • Installs/modifies Browser Helper Object
      • System Location Discovery: System Language Discovery
      • Modifies registry class

    The sample is a 32-bit DLL, so the 64-bit regsvr32.exe in system32 does not register it itself: it launches the SysWOW64 regsvr32.exe with the same arguments. That is why the WriteProcessMemory hit sits on the parent and every registration signature sits on the child. The /s switch only suppresses the result dialog; DllRegisterServer still runs.
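The two findings above, a BHO registration and a silent regsvr32 run against a DLL in %TEMP%, are what a responder would check for on a host that executed this sample. The script below is an added example and not part of the sandbox report: it enumerates BHO registrations in both the native and the WOW6432Node registry views, resolves each CLSID to its InprocServer32 DLL, hashes it against the report's MD5, and then hunts Sysmon Event ID 1 for the regsvr32 /s pattern. Assumptions: it runs elevated on the analysed host, Sysmon is present for the second part (without it that function returns nothing), and the list of "user-writable" directories is our own choice.

```powershell
# Added example, not from the sandbox report. Assumes an elevated session on
# the analysed host; the MD5 is the report's target; the user-writable path
# pattern and Sysmon Event ID 1 as the process-creation source are our choices.

$TargetMd5 = 'af74a0a06718e94519bc478fa9b408a2'

# BHOs are registered by CLSID under this key. A 32-bit DLL registered through
# SysWOW64\regsvr32.exe lands in the WOW6432Node view, so both views are checked.
$BhoKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

# Directories a dropper can write to without elevation (our assumption of what
# counts as suspicious); a BHO served from one of these is worth a look.
$UserWritable = '(?i)\\(AppData\\Local\\Temp|Downloads|Users\\Public|ProgramData)\\'

# Resolve a CLSID to the DLL that regsvr32 wrote into InprocServer32.
function Resolve-ClsidServer {
    param([Parameter(Mandatory)][string]$Clsid)
    $roots = @(
        'HKLM:\SOFTWARE\Classes\CLSID',
        'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID',
        'HKCU:\SOFTWARE\Classes\CLSID'
    )
    foreach ($root in $roots) {
        $key = Join-Path $root "$Clsid\InprocServer32"
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $path = (Get-ItemProperty -LiteralPath $key).'(default)'
        if ($path) { return [Environment]::ExpandEnvironmentVariables($path).Trim('"') }
    }
    return $null
}

# One row per registered BHO, flagged when it matches the report's hash, is
# served from a user-writable directory, or points at a DLL that no longer exists.
function Get-BhoRegistration {
    foreach ($key in $BhoKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        foreach ($sub in Get-ChildItem -LiteralPath $key) {
            $clsid = $sub.PSChildName
            $dll   = Resolve-ClsidServer -Clsid $clsid
            $md5   = $null
            $missing = [bool]$dll -and -not (Test-Path -LiteralPath $dll)
            if ($dll -and -not $missing) {
                $md5 = (Get-FileHash -LiteralPath $dll -Algorithm MD5).Hash.ToLower()
            }
            [pscustomobject]@{
                Hive        = $key
                CLSID       = $clsid
                ServerDll   = $dll
                MD5         = $md5
                FileMissing = $missing
                Suspicious  = ($md5 -eq $TargetMd5) -or ($dll -match $UserWritable) -or $missing
            }
        }
    }
}

# Hunt process-creation telemetry for the pattern in the process tree: regsvr32
# run with /s against a DLL in a user-writable directory. Uses Sysmon Event ID 1.
function Find-SilentRegsvr32 {
    param([int]$MaxEvents = 10000)
    $filter = @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1 }
    $events = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents -ErrorAction SilentlyContinue
    foreach ($e in $events) {
        $f = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) { $f[$d.Name] = $d.'#text' }
        if ($f['Image'] -notmatch '(?i)\\regsvr32\.exe$') { continue }
        $cmd = $f['CommandLine']
        if ($cmd -match '(?i)(^|\s)/s\s' -and $cmd -match "${UserWritable}.*\.dll") {
            [pscustomobject]@{
                Time        = $e.TimeCreated
                ProcessId   = $f['ProcessId']
                Image       = $f['Image']
                CommandLine = $cmd
                ParentImage = $f['ParentImage']
            }
        }
    }
}

Get-BhoRegistration | Sort-Object Suspicious -Descending | Format-Table -AutoSize
Find-SilentRegsvr32 | Format-Table -AutoSize
```

Both regsvr32 processes in the tree match the hunt: the parent's command line starts with the binary name and the child's starts directly with /s, so the regex anchors on whitespace or start of string rather than on the word regsvr32. Checking the WOW6432Node view is the part most often forgotten; a 32-bit BHO registered on a 64-bit host is invisible under the native Browser Helper Objects key.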

Network

MITRE ATT&CK Enterprise v15
