bed82b765a6f77de01c55cace7c15e4984fda706f7fa8357836e67793a4358a4

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
13/10/2024, 06:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
Size

8.6MB
MD5

3e3cce8bed6edaa30d8e21ef99d4b66e
SHA1

2d014ad3249af8e8ed112e6ba0a67cc10e971107
SHA256

bed82b765a6f77de01c55cace7c15e4984fda706f7fa8357836e67793a4358a4
SHA512

02d25603cb97c2e6ba5713f0000ba04bd9c41a9b86a4d357a446446a28ac36e00257364fb9f9a0dbe3afeeefdca7bfa42828ec7fc2aaa9cbb27dcd43a39a32a6
SSDEEP

196608:UD1x7GGICteEroXxHVfEqlbkkwR7VTEew+ZFtt69MEOWS4j8pr7r:WGGInEroXnfEqirRRo3+Zvt6OET

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
2848	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2548 wrote to memory of 2848	2548	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe	31
PID 2548 wrote to memory of 2848	2548	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe	31
PID 2548 wrote to memory of 2848	2548	3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe	31

C:\Users\Admin\AppData\Local\Temp\3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2548
- C:\Users\Admin\AppData\Local\Temp\3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\3e3cce8bed6edaa30d8e21ef99d4b66e_JaffaCakes118.exe"
  2⤵
  - Loads dropped DLL
  PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI25482\api-ms-win-core-file-l1-2-0.dll

Filesize
11KB

MD5
9552fdb73fe453fdb69e794d06b2ee61

SHA1
178e278fa9dc3ac7224bcd74722b19dd7aa70edb

SHA256
064c7b10c031d09a2b53bad9b77fd12ab20681531aa228f4bc84200f0391c75c

SHA512
48fc32dbf52bddb880ad9ca3f8004a95facc81ea4a6c942785fb80488e1a94f8b29881e19737959b628b0029f1b4ad562a19414e5bc59de04a7f683824ea0f2e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI25482\api-ms-win-core-file-l2-1-0.dll

Filesize
11KB

MD5
726f825f41da2f50b7bf4e77c6270268

SHA1
d11a55a4972f37d244a965579abea2fdd6db167f

SHA256
1f904737b907864e16a74426f0af57dabf5cb105ae68bae5971afc3f3959cb2b

SHA512
361c25f553fc8040d6c837e18f84810c860d466831749db0a68281e888d0236111176aaa0f19af06d4810d70399264a0c7aa98cedad3171138b7000b2a33a921

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI25482\api-ms-win-core-localization-l1-2-0.dll

Filesize
14KB

MD5
ace9c9c8f8502f85373866dafb376d13

SHA1
7a335a70ea824db1a8747fc1da2f510878d0a8b5

SHA256
8fe02fbdd7812a562833e33c07caa547febc5e838c8e94b5212bb0e1ed12c0b2

SHA512
f34d3256fc04783207c70646aa21fc6e2a177b8e236695dc7888daf055cba5f6c53ce1382ca34ce82728f2dd87b26fee24c32fc1192cf0ca004be78d2bacea93

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI25482\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
12KB

MD5
2a67a6efec3b636f32436c65e69673a9

SHA1
ce511b07ab01cae957c4ac92cc73cc219d00e6ba

SHA256
a6bf1902df0a767261a93cb47816ff0a120f1c41b5687d62b2d2ac9fd4027311

SHA512
adee1720ba1d972dca502c0f7ab6107ff71126207b33bdf94630b23cbab92b8b3bb83ac384ffce460cc59589c1ca28fd4683020a02dc0b646cb998be0700c39b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI25482\python39.dll

Filesize
4.3MB

MD5
7e9d14aa762a46bb5ebac14fbaeaa238

SHA1
a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9

SHA256
e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3

SHA512
280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI25482\ucrtbase.dll

Filesize
986KB

MD5
14f3d657b29c0de2f9f91a563cb0e4d7

SHA1
f7cea78693c4189e2d353cf3bc2c70fb4699575d

SHA256
ace7a1a8dc840c1d082e955f48b63fa29cfa30f7920b7df8d5dad05280d433a5

SHA512
dd7e447d9e1624ac0e6b8d835a6b026c6fabf5b5e05f653bc3bf31d1b4de8232c87cf84f052fe3048f3360fd101c2fd3ab7157e1def81789e6067e5a71dd9ecc

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI25482\api-ms-win-core-timezone-l1-1-0.dll

Filesize
12KB

MD5
47f93eaa16c98dd606b33b75ea781a24

SHA1
af32849d1b678f139d1c8bb4239e19833471ec24

SHA256
0eca1f24b7803c1f7e8d61486eaf9b84479a5ac6288046e1a3cd0059ccd4b69b

SHA512
4d9860f27feaffacca50f1ddcddc7f4d93ae5072a97e72e443022b8db0c51079c45c823ea1b8e852ab1b05233a3aea093c9131d7dfc982816a3442a4f409f7f5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads