Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
18/10/2024, 04:01
General
-
Target
555e43f7c8825aa0950984b008e9df75_JaffaCakes118.dll
-
Size
72KB
-
MD5
555e43f7c8825aa0950984b008e9df75
-
SHA1
210a27f381435b37fa7fdfdc007211ca514ac48e
-
SHA256
9f40576f35717be2784eb38f1d245021b2744572aed4fa144ce3a94605e291f2
-
SHA512
253e9c76e803e3a6f0933d683ac08e293fb9226f902e05d10f9848ba3733ead2e449ac6d5abde690dffeb33fff3c3bce070f7ae611140e53bffda24820f0e72b
-
SSDEEP
1536:EdNs9O6qwtr21l6TcEVyGR6jZw+6g7N9sCcz9sqoon3OKHO95ZfQzi:EdNs9O6rryCRwN0C9cHOlom
Score
5/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\555e43f7c8825aa0950984b008e9df75_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\555e43f7c8825aa0950984b008e9df75_JaffaCakes118.dll,#12⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
56KB