Overview

overview

7

Static

static

3

3f98f9076b...18.exe

windows7-x64

7

3f98f9076b...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/10/2024, 11:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3f98f9076b57001ecbe85f8ece4a134a_JaffaCakes118.exe

  • Size

    303KB

  • MD5

    3f98f9076b57001ecbe85f8ece4a134a

  • SHA1

    715e7446f804cab6b111f21a503121bf59970e34

  • SHA256

    f0bd069556763c0b6939547578e10a9636b1e28e7363fc038e3aab5c1a39bd65

  • SHA512

    5a5983305d5215143acfbe7503ae9b29da806140768729bb309c28e982ff297844682525aa159f6c2a4b1f01a587a146aadb29bd9ab70068b251c154199872de

  • SSDEEP

    6144:Wrnr9UarEuMEvjr24HtrxTUGFVENlS8NlY2RKaVUx4vYNPHKD+dI:Wrnr9jEsX2utrxAG7ENl/NlNRBVBANPe

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3f98f9076b57001ecbe85f8ece4a134a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3f98f9076b57001ecbe85f8ece4a134a_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:2720

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\Tsu824B46FC.dll
          Filesize

          267KB

          MD5

          d1ddd2bed23dd1e6a70855f5f7ba3e7b

          SHA1

          7c75eacc13fc2f225dfa9820ea306f6bbc891516

          SHA256

          e6f6af10a5d9496fda5f06b1dbc23f64ccda396b2fc219fd2464851edc003ba5

          SHA512

          d9647b1beffe978ef999e59417fbd6e9ce7fa7efbce690ce2039dd14bffbbdf8e18f56a529f1ce362a47b0b49121085afc6981e15b9177a3672e40de099369e1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\{10F8C340-A2B2-486E-AA85-EA90CB1BE1B6}\_Setup.dll
          Filesize

          214KB

          MD5

          8afbc01104a513c2c8d64e83f1ce0eb2

          SHA1

          70d5b158ceb9136568e90feae3d082101295c6a0

          SHA256

          2d752988d17f790ad99a17196a9a9c3a87210984c8b96fafc81ac4c41e1908cb

          SHA512

          00e66ec827ffbe0374b6b6dabdbecbb01455077bea79264d1ac11bb7211c1758270d1336de4effae4a204f6b014fc39020e3bdeaac6bd814c9ec7776db271c61

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\{10F8C340-A2B2-486E-AA85-EA90CB1BE1B6}\_Setupx.dll
          Filesize

          43KB

          MD5

          3dcd34c76ece9df5d90dc8133caaa9ae

          SHA1

          6f88b7346ae8bf469c785e2dbcadc17248f88faf

          SHA256

          2244157361ab0a1ce81944416971b6433f21fbcc3763b613161adcb51fd9f5e4

          SHA512

          16fd6cfa52a8db0878b9fedfb79ebad7846c5ae2c9cc91a009266cd395733206691107e04ac70d99e4c8a7ef5c69ed0125d7925b6d937dcb5e95d3b2275e1487

          Download Submit