Analysis

  • max time kernel
    94s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    05/10/2024, 04:30

General

  • Target

    162a018fb1079e2c8ecaa0ee3766c879_JaffaCakes118.exe

  • Size

    160KB

  • MD5

    162a018fb1079e2c8ecaa0ee3766c879

  • SHA1

    197bef6639522697aca85c627c3edcbb0bfe49a0

  • SHA256

    c84b8140e58cb9a18e18756bf5f08b1d7be318d2abb9db005ede3aca89b913fb

  • SHA512

    8763ffaa771e63282df042a0f34c3254f241be45f225717b9a555073c556ae588a5442e5f08876cf5420e523e8aa7bf56a0dbb3062b9e6a2e922e52de31d6ef4

  • SSDEEP

    1536:+aMmKEB9SeVOkNV9qpAUY539HpWwmgNkww5lx5IvLvEWgDAgvWSrInFGe7Mym8Ld:Q29xzP53PWwnzelxLA8rzYm8kqC

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\162a018fb1079e2c8ecaa0ee3766c879_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\162a018fb1079e2c8ecaa0ee3766c879_JaffaCakes118.exe"
    • Loads dropped DLL
    • Drops file in System32 directory
    PID:2232

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Windows\SysWOW64\o~305140.dll

          Filesize

          80KB

          MD5

          379d7c0b2dc783571e4b008108f115a5

          SHA1

          1491d9607cc368bd7b2e081c7ab8597deb541821

          SHA256

          a9e77e5865e5c4aad84fb4c77801bf56b2e2a6a94ad256bd079deac24aeaa96c

          SHA512

          ae80450a8d0720b14295329c983b38beb39ccd4d10cc2296189b9ef1897b2f298f06ea2a0deeba1c43b2500449160433ae419e1a21f87c3493b1bbac91dd4e2c

        • memory/2232-0-0x0000000000400000-0x0000000000462000-memory.dmp

          Filesize

          392KB

        • memory/2232-5-0x0000000010000000-0x0000000010015000-memory.dmp

          Filesize

          84KB

        • memory/2232-7-0x0000000000400000-0x0000000000462000-memory.dmp

          Filesize

          392KB