Overview

overview

7

Static

static

1

116b635a81...18.exe

windows7-x64

7

116b635a81...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/10/2024, 02:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    116b635a8119e3235b9815520b971ec8_JaffaCakes118.exe

  • Size

    669KB

  • MD5

    116b635a8119e3235b9815520b971ec8

  • SHA1

    4eb469081c084541a1d92681a5123eca1bcbf65f

  • SHA256

    b6f92012e7e89862f80e25d3a7669c0a39ca749660caa9b5a61b57c9b5e3815f

  • SHA512

    1ec304f8a6a671e83ab1d0f9b72413a13ee2b627ff254f215ba8e08b3d6e19917e215e1e752ead832296a6899da42e1ddcdee5328e407845eb7f648c828d9f21

  • SSDEEP

    12288:/exhH6HiUVUEPVCWpj7Vy5bwmF6KpvoI+QcGcf7S5DGbJpFUeVGQ:/uV6HiUVTPVCWuwmFNvoI7cjSdGtUq1

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\116b635a8119e3235b9815520b971ec8_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\116b635a8119e3235b9815520b971ec8_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2316

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\truste.jpg
          Filesize

          5KB

          MD5

          1959eb33004d6107d3412e109c37b742

          SHA1

          59c3a787483e7743d5b805cd36726a0bec7e4992

          SHA256

          e60a764cd4d721c9fd261555510c51c668d112a37f2da2f0be1da6dceaa5f8ad

          SHA512

          238724a6b809d371c6ebab6057c61019e48caf7dd3245c6dca77efb5c015703a206472a9b82f778114c8dce3f10dd13fba972644b137020e4e5507053358e68e

          Download Submit