Overview

overview

5

Static

static

3

e188c5f085...18.exe

windows7-x64

5

e188c5f085...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/09/2024, 02:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e188c5f08509525bc2c92cb5b97f3e7f_JaffaCakes118.exe

  • Size

    5.0MB

  • MD5

    e188c5f08509525bc2c92cb5b97f3e7f

  • SHA1

    1de176bc5bf9ea9e6f374836b02678d9e019b4bf

  • SHA256

    92f5f8f4b62caca9910bf9af2b881a1a9d3883dc5cf7803a935236cd7fbe94dc

  • SHA512

    9da820be328afadaac03ddc250fd7b7098e99d37da392db40d96ca714cfcaae0065954bf7e95d44fb4cc40116a6614a4f437ac74fc520fe495b95778de66a408

  • SSDEEP

    98304:2vxcAGYG5F1N4FY3F/9LKT6mnFQzyBz3trO:2u7YEDiFI/1LzyB

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e188c5f08509525bc2c92cb5b97f3e7f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e188c5f08509525bc2c92cb5b97f3e7f_JaffaCakes118.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/884-15-0x0000000140000000-0x0000000140895000-memory.dmp

    Filesize

    8.6MB

    Download

  • memory/884-14-0x0000000140000000-0x0000000140895000-memory.dmp

    Filesize

    8.6MB

    Download

  • memory/884-10-0x0000000077160000-0x0000000077162000-memory.dmp

    Filesize

    8KB

    Download

  • memory/884-8-0x0000000077160000-0x0000000077162000-memory.dmp

    Filesize

    8KB

    Download

  • memory/884-6-0x0000000077160000-0x0000000077162000-memory.dmp

    Filesize

    8KB

    Download

  • memory/884-5-0x0000000077150000-0x0000000077152000-memory.dmp

    Filesize

    8KB

    Download

  • memory/884-3-0x0000000077150000-0x0000000077152000-memory.dmp

    Filesize

    8KB

    Download

  • memory/884-1-0x0000000077150000-0x0000000077152000-memory.dmp

    Filesize

    8KB

    Download

  • memory/884-0-0x0000000140053000-0x000000014039A000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/884-16-0x0000000140053000-0x000000014039A000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/884-17-0x0000000140000000-0x0000000140895000-memory.dmp

    Filesize

    8.6MB

    Download