Overview

overview

10

Static

static

3

JaffaCakes...94.exe

windows7-x64

10

JaffaCakes...94.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-12-2024 21:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194.exe

  • Size

    387KB

  • MD5

    87fd447e1dfc44afef7593f5dd27a427

  • SHA1

    4101a9c049fc91ea24d65824d10f95263eaae88c

  • SHA256

    5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194

  • SHA512

    590bd88ef61e87b45fcca3634556635b94a7015e0f8b016d714c20ac0fde3ce2f2e7e975f7a4a8d064c66d157eb968e0e9b81d4abed3ad456bcb4610f0fe4993

  • SSDEEP

    6144:SNb52zA3WmGYNIni6qeNfYl6LyIA7tt1a0FNgjFX:SNbkoWmGKKiVe8gyIAhtjNgh

Score
10/10
cryptbotcredential_accessdiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

unic16m.top

unic16e.top

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    PID:4884

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\YfixbJkE\SawauqMpFibP.zip
    Filesize

    55KB

    MD5

    9d94d079d94458076b92699309ce43b3

    SHA1

    58c22fcabfbae96bcab29bbf338d5992587111e9

    SHA256

    1ec23ff0271c6d65bc0fbbfb0502088d1a9ec706faa5f2cd24b4809bab2d1823

    SHA512

    32f1e6efd9116063bc2f57e09efcf7d49b18c02d9fcbd6c455a73052e44511e5df1b16c02912fac2fe28ec0e0c7619e57447b2e66d60b584a94c6377dc2fb5c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\YfixbJkE\_Files\_Information.txt
    Filesize

    1KB

    MD5

    e68f4c149f5d76247dd845b67a772c5a

    SHA1

    4a3ab4a6b75ed1bec94c42c4af7f4791fb5b3daf

    SHA256

    00b09e72b73e587162f903dc1f1f3eb3543253625ba229eebe23261ed7348b67

    SHA512

    bf5426443a976ca359879f02d098d770557bdb31bb2624f80b8a08e19dee56e85fa5e74315f4f6763b877151dfc35da45ee5aab9f89053b28f8e4308b3a88a50

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\YfixbJkE\_Files\_Information.txt
    Filesize

    7KB

    MD5

    d4669cfdb693c2b96a210da68896fed4

    SHA1

    d70ce4d825a7a5e70290b3be41ed4d0445580e17

    SHA256

    efd2d1a94de0b97617ef6d19ba026c543d6079538665f47421b60e84dda3f420

    SHA512

    8c535488f7d13fbb808de8610b5f017616b6b9376910cdd7535f64fbf1492c1cfd15ef5ac631aa87ef2ce1f23ab0b175e8038ab321dd41ec7807b11e1064f51b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\YfixbJkE\_Files\_Screen_Desktop.jpeg
    Filesize

    60KB

    MD5

    208eb62b071288c208266ff9333cef85

    SHA1

    91ef967a43c0b53fca3cceaa7ff4b6548b1d782e

    SHA256

    4cea7bd798d502d353e8cdc1b81ea55eeec97310cbd94b3415aa836aeec6825d

    SHA512

    fc6b742e87a3df6ae8f8fa3865ba820073278fc9716f218782485fdb3c6333da30c1b33e86b1140071bd14986f69c637edc29fd596ca27070650a05430e9e21a

    Download Submit

  • memory/4884-126-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-129-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-114-0x0000000000710000-0x0000000000810000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4884-115-0x00000000020B0000-0x00000000020F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/4884-116-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-117-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/4884-123-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-2-0x00000000020B0000-0x00000000020F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/4884-1-0x0000000000710000-0x0000000000810000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4884-3-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/4884-132-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-136-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-138-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-141-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-144-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-147-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-149-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-153-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-156-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/4884-159-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download