Overview

overview

5

Static

static

5

fb18a3bd15...18.exe

windows7-x64

5

fb18a3bd15...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    94s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/09/2024, 23:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fb18a3bd1567fe3e8010e81575751877_JaffaCakes118.exe

  • Size

    11KB

  • MD5

    fb18a3bd1567fe3e8010e81575751877

  • SHA1

    5b1658c3ce6f284664e91cf4ff5b0cff0b74af29

  • SHA256

    9517217645069bba990555f5b8247416e4f446446527c98491a2374153c48a4c

  • SHA512

    5ef407a438f1f24b4ee422319de7b89ca53866c8e7202baa1c1199c9ce8405c40bd9335cc9e4d83dd7a59d7b25e76ce1d505170ea05290f52048f60ebd6907ed

  • SSDEEP

    192:nm258F4hw4hH/jmB46mgEISnR9N0enp0M/LtBf8krKp8dbjABdwF:MF4hw4t7mA5n64pN/LL8kOWtjAfe

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\fb18a3bd1567fe3e8010e81575751877_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fb18a3bd1567fe3e8010e81575751877_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4460

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4460-0-0x0000000000400000-0x000000000040F000-memory.dmp

          Filesize

          60KB

          Download

        • memory/4460-1-0x0000000000400000-0x000000000040F000-memory.dmp

          Filesize

          60KB

          Download