Analysis

  • max time kernel
    140s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    12/09/2024, 19:11

General

  • Target

    dce1109263b6fd3a21714a5d72ef6088_JaffaCakes118.exe

  • Size

    401KB

  • MD5

    dce1109263b6fd3a21714a5d72ef6088

  • SHA1

    f14525e306b3c8239730f36d8701721b4f98e6de

  • SHA256

    bb90ed6de59ddd20a778cde8674756c0ea9f476e5103a4e25985454b1f3fff42

  • SHA512

    991d8374f67d4163cdb4282089ae1e34b47b743efe89aeed924e2959134c05501c9508fec83cbd0a200ceb1f5e03833087677a3e2e2b55970c408462eeeb56ec

  • SSDEEP

    6144:dDPTP1cNF4ozgTRaanwfBqW2VC6w4+uZzrjjuVdiPzgOLjXQGAmNqaB/l:7cNF4XaawfB8vl+utnjumPX9AVCN

Malware Config

Signatures

  • Installs/modifies Browser Helper Object 2 TTPs 1 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\dce1109263b6fd3a21714a5d72ef6088_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dce1109263b6fd3a21714a5d72ef6088_JaffaCakes118.exe"
    • Installs/modifies Browser Helper Object
    • System Location Discovery: System Language Discovery
    PID:2140

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2140-0-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

  • memory/2140-1-0x0000000000400000-0x000000000046B000-memory.dmp

    Filesize

    428KB