Overview

overview

7

Static

static

7

c7fa8e5851...18.exe

windows7-x64

7

c7fa8e5851...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    29-08-2024 01:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7fa8e5851c0d57b5f5f430b2eb88855_JaffaCakes118.exe

  • Size

    29KB

  • MD5

    c7fa8e5851c0d57b5f5f430b2eb88855

  • SHA1

    f6a2213e312b42ed26d2e00a46c0a2f948728498

  • SHA256

    cbdb5a1b77829934b1cc7815d719336a8597b7410fe80304ca6144a0dbe38296

  • SHA512

    50705a6bcbcd8b936535ca0473df8f41719c2a1fd8251582123da11f01b7cafffead9321ac4d9a7ee0cf8e308ad096564c929d940f258f0450d80f4fbc730b3e

  • SSDEEP

    768:GXbjK6sXmbfSpcG97rHmghq8LKFbqvj67V/WsCtu0LOJSm:GLjvKOq+GpbhqAQbq7a/Fsu+m3

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c7fa8e5851c0d57b5f5f430b2eb88855_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\c7fa8e5851c0d57b5f5f430b2eb88855_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\WowInitcode.dll
    Filesize

    41KB

    MD5

    d561e7f3db9d542bdcc9721999aa2b2a

    SHA1

    710f7da9eb9e1432fd3928a51caa31a356b3f29b

    SHA256

    215ffaf9ec6bd15cb26711fd8fc0df13261178dd29034ec136d245d05bd7b7c7

    SHA512

    484135d4b2f07e0513d37449cac1c950d934aa1444a9ba42028751dc1c140bf96bd7952336493581aed51b835c97c0fd92ae79e0a76d7c5226f71f7b6731e43c

    Download Submit

  • memory/1720-2-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/1720-4-0x0000000000220000-0x0000000000234000-memory.dmp

    Filesize

    80KB

    Download

  • memory/1720-8-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/1720-7-0x0000000000220000-0x0000000000234000-memory.dmp

    Filesize

    80KB

    Download