Analysis

  • max time kernel
    150s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14-09-2024 01:43

General

  • Target

    df4429b1fa0d9a86299368d22dafefde_JaffaCakes118.exe

  • Size

    140KB

  • MD5

    df4429b1fa0d9a86299368d22dafefde

  • SHA1

    84c00f3409e2bff0fb51e852424e714b3b8245fe

  • SHA256

    5a867769ec3f09dfa967b4058a5ed8bd9e217789ddcf8a6515b9d49cd313b9e4

  • SHA512

    0c4098551ac0efe8c1e45a48cfb6f9eae0a0e6a18fee0d6b990120f459f11a769dc53b56224af8f98595b0ea6e1d3130c73c65cb6bb901324bd0360f20609883

  • SSDEEP

    3072:Z8h8kNPOyAFaXXnCNlLe8cSifzVtkqw9HtSjEF3GdLE:ZGxDnSlKNSifzMqKNSjEFWdL

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\df4429b1fa0d9a86299368d22dafefde_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\df4429b1fa0d9a86299368d22dafefde_JaffaCakes118.exe"
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:4972

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Ccb_detect_hdzb.dll

    Filesize

    42KB

    MD5

    e3de7cb9e11f877abdb56d832f20e76f

    SHA1

    f52d5de2123e1dc802237bb78db61027652605d9

    SHA256

    99ef1edd43b252243aa8fe13eb8ea641c473dfc335e4f4914e321fbe5e8f26e5

    SHA512

    5a138f468e203f40b0c079c91f49acff0df8569b14522c6ed4805206c84bc513e6881185855a92ca0134b4314ed8edeff574cd2edeeeeacbc3810e0c26e8c0f9

  • C:\Users\Admin\AppData\Local\Temp\HD_Comm.dll

    Filesize

    11KB

    MD5

    2759f9ffaf4b8d738c2b5c42193cc659

    SHA1

    8088377753f509fe7fe41c65b03687c48bbc47b4

    SHA256

    bbdc742bdc24fb4639ba3bb9fb85e4866704884f163bd3845a534fa06c80dc26

    SHA512

    6e5df2c0c540e1b4c8d10ebcfae938bd223f2536a3ce021e3d48bc8b9841d1f627f3e9bbcd3d4ea8bf800ce548ca2b220d84e877ae60a4f97322b99246dbcc5d