Analysis
-
max time kernel
93s -
max time network
142s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
06-09-2024 10:22
General
-
Target
cf532015ca5629f61ffa70cd82639f1a_JaffaCakes118.dll
-
Size
54KB
-
MD5
cf532015ca5629f61ffa70cd82639f1a
-
SHA1
7b2e28cf214e13503aa520d538fc9fc0277a8043
-
SHA256
35cc8da172e5ca4fd7954efe0dd2f89fdb01f00c5f8e1c3d5fb472e61a7cc582
-
SHA512
e9435c9104d823528ca5cf44c0ff45198417350ca9486c4bcc7717535913312655a76c5c8db38f93b94cba324804597c2a67d3e9d7c63fd32da842f973ca0c35
-
SSDEEP
1536:s65kur9+8JrMcG8DjmO9xIrfJEB3dPBI3PCaZxNBPXD91R:trMgrHfDjmO9xIrJEBNPBIq4VF
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\cf532015ca5629f61ffa70cd82639f1a_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\cf532015ca5629f61ffa70cd82639f1a_JaffaCakes118.dll,#12⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
88KB