Overview

overview

10

Static

static

1

26bbaf5330...118.js

windows7-x64

3

26bbaf5330...118.js

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    08-10-2024 22:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    26bbaf5330243120bd7cb98592b723f7_JaffaCakes118.js

  • Size

    703KB

  • MD5

    26bbaf5330243120bd7cb98592b723f7

  • SHA1

    fa166312e25b3c45bf2d1afe85fe60ea02967b94

  • SHA256

    3fa3afdac631ebaa1b985f68a8022cde39b60be1e7b02e2cdfbcbf3e73d74472

  • SHA512

    bf04db80e0ee3e8b3ec07bb78a11c7e7616a89c02379d0714679ed29eee7ed7351637be8244d27292b28583cbbab868c51847776eb05810e9782116c367b3934

  • SSDEEP

    6144:SZTwdqO2MV4EhguLGNBNFH6YiKxqiias1LaUOXnnS93rDFngKHcoJgnAMdjurqG7:3

Score
3/10
execution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\26bbaf5330243120bd7cb98592b723f7_JaffaCakes118.js
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1508
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\hzqhbnkwu.txt"
      2⤵
        PID:2808

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\hzqhbnkwu.txt
      Filesize

      88KB

      MD5

      b17f8717fb9e59f8a215e3dcbb6ddaba

      SHA1

      2ddc1536f65be6d984c5911621b742c393c26421

      SHA256

      c0c0bb0c40b9313224a780256303c0e08a0b037de2c0964907b66a73a0ff80c9

      SHA512

      2424e46efc68d238b044e20943a0b8c536dc31fa5d0319fbd3d31367f84d55812622eca47ab7742e5f889ddfe01514f00558388530380beb515fbf0ffab70258

      Download Submit

    • memory/2808-4-0x0000000002640000-0x00000000028B0000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/2808-12-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-19-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-20-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-29-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-34-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-39-0x0000000002640000-0x00000000028B0000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/2808-41-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-78-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2808-86-0x0000000000340000-0x0000000000341000-memory.dmp

      Filesize

      4KB

      Download