Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/09/2024, 04:01

General

  • Target

    ea8c7bd3a8b2b42841b21cd6d2ac3a0d_JaffaCakes118.exe

  • Size

    42KB

  • MD5

    ea8c7bd3a8b2b42841b21cd6d2ac3a0d

  • SHA1

    164ffb17ad74c6d39d9174eb5d8a254dad81b1b1

  • SHA256

    f87d33de0f380d320f1ddf8fb205af22f8581fe26602517a0e77e42b67e473e0

  • SHA512

    482c2fc46f33aeb1e4f5adc870e690f64e3cb7e78398e4ac93fdc5c5c284d66fb28e8472b846fbb8fa482531cab19e3658dd79bcc87a0271233f18d91c591d61

  • SSDEEP

    768:6nmOOGR3+KHCw51ot5HJG4eTxWP7udgzcep82/k:6zIt5HJGY7ueAeI

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ea8c7bd3a8b2b42841b21cd6d2ac3a0d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ea8c7bd3a8b2b42841b21cd6d2ac3a0d_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:1728

Network

MITRE ATT&CK Matrix

Downloads

  • \Program Files\Common Files\Microsoft Shared\MSInfo\SysWFGQQ2.dll

    Filesize

    236KB

    MD5

    3f2764865a572d923a738d4b1a99e422

    SHA1

    0dc7565cc2781f0bd04311d16cfe3768ce78c053

    SHA256

    5282c3505aeb7878fa36265b36c6e17b04a4d09d48e19f4368ce410fb857a68a

    SHA512

    e307c63f6f3f61ef5fcbc105fed2ca2f657ae0e90cd18994e39b3969c069138baaf6ffd197308305556d098eda1cd1a1d03083eaa926b4a5b2fccbc04d352a2d

  • memory/1728-0-0x0000000000400000-0x000000000045C000-memory.dmp

    Filesize

    368KB

  • memory/1728-4-0x0000000000400000-0x000000000045C000-memory.dmp

    Filesize

    368KB