Overview

overview

8

Static

static

7

ab40b4d665...18.exe

windows7-x64

3

ab40b4d665...18.exe

windows10-2004-x64

3

$PLUGINSDIR/Aero.dll

windows7-x64

5

$PLUGINSDIR/Aero.dll

windows10-2004-x64

5

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...mp.exe

windows7-x64

1

$PLUGINSDI...mp.exe

windows10-2004-x64

3

$PLUGINSDIR/RP.exe

windows7-x64

4

$PLUGINSDIR/RP.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.exe

windows7-x64

$PLUGINSDI...er.exe

windows10-2004-x64

7

$PLUGINSDIR/Aero.dll

windows7-x64

5

$PLUGINSDIR/Aero.dll

windows10-2004-x64

5

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...le.dll

windows7-x64

3

$PLUGINSDI...le.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

Uninstall.exe

windows10-2004-x64

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-11-2024 06:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ab40b4d6657e67053c9e36f9f6bf25cf_JaffaCakes118.exe

  • Size

    20.0MB

  • MD5

    ab40b4d6657e67053c9e36f9f6bf25cf

  • SHA1

    8a31c59ac2873a8ed9132685449a0831bf3405a8

  • SHA256

    da437cbf9bd975a8916654aca547e35bbf88df60fb18c57db07401efb33420c9

  • SHA512

    9830b6870a6ba3a5cd8f6e590d8ea3dfe3dcc98639093d81266132106d97ada8322561e78cc30029bc975d21a62d45db141e9f977758d7b092a9f89d5e6fab0d

  • SSDEEP

    393216:/zP3tkQlGDmv9t7Jqqhi4ToFe4UE2kk7ZcPpT4mtq0veVSr+7zejhGgYZS7kxJp:/zeQ8K1t1q+qew3kNcPpT4mtv27SE7S8

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\ab40b4d6657e67053c9e36f9f6bf25cf_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ab40b4d6657e67053c9e36f9f6bf25cf_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads