Overview

overview

10

Static

static

3

JaffaCakes...d0.exe

windows7-x64

10

JaffaCakes...d0.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-12-2024 03:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_f845fcb8f6deb74106ecf33d3218f4e62e41583f574636d1f8100a4a4ce46fd0.exe

  • Size

    387KB

  • MD5

    10705f8044a34859d05cb87753ba8069

  • SHA1

    5a64633a72ad22a74b381af8c0be1f39068fc93c

  • SHA256

    f845fcb8f6deb74106ecf33d3218f4e62e41583f574636d1f8100a4a4ce46fd0

  • SHA512

    76f8c23f3b213cffcc249e54db9c5ea744df07374149a1d2b012b09b02938efd9bd8ac489c15ca4f3a3c24eadce8a308576f1de3f430470f8d62d07ef056c7e7

  • SSDEEP

    6144:haTNtmVs7XZj0vjSUtcCPUNdkHMQV+u2bWac:haBtmMXZSjScCkz2b3

Score
10/10
cryptbotcredential_accessdiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

unic15m.top

unic15e.top

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f845fcb8f6deb74106ecf33d3218f4e62e41583f574636d1f8100a4a4ce46fd0.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f845fcb8f6deb74106ecf33d3218f4e62e41583f574636d1f8100a4a4ce46fd0.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    PID:1100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\KlrHxqtGIvev\NHcGHcrqWL.zip
    Filesize

    49KB

    MD5

    11fff72e6c7a19fb00c1104dfefc3f1f

    SHA1

    2d623704fad23a10d08c3d847111426eaa0a43c7

    SHA256

    9dad225f315dcaf7f8b10ea0a46ea4ae5415b8464dfb9193df91cb84ab62e5d7

    SHA512

    079f8da68e62a5cbe6ca6b11bccc71a5fc7204ea3f6961b331329339c45f1c9388dbe6256c0d60d8ace3a6f72d6c1271ce9cf108e7bc0ea733101ee7ec5bc0a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\KlrHxqtGIvev\_Files\_Information.txt
    Filesize

    1KB

    MD5

    1508ec29b468e4f43c27a1551c14993e

    SHA1

    e4481ecaf0e5f2d8699114af3b17f7f82c040813

    SHA256

    4945f00d1f4190074b49ca0651e22c8d415ed558fd35f268885c1278ab36a297

    SHA512

    b4ab8b740c17375873598d69714ffdc63720de8357780b8f7f40ff847024732ef28af5029de7420989153ea83d59452f1f1dae289e1f23de1f5243932f9f8aec

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\KlrHxqtGIvev\_Files\_Information.txt
    Filesize

    5KB

    MD5

    7a97dfdfd081701f23100e896e9420f1

    SHA1

    8986a9ef680c90d2c5fdc50323f34ba5e17b3536

    SHA256

    8377cd8ba9033d05d6e8c004120a7abbda3554630d03df0ae614bf3db43ee505

    SHA512

    c9762c27f1debf245a466d681b647411176b429725953e62f7456467009aa6e4eaf6404637a9d78872c53dcce32b4425f72b70861b6032ecd4a8b6d6df0b9bd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\KlrHxqtGIvev\_Files\_Screen_Desktop.jpeg
    Filesize

    54KB

    MD5

    29b5e04c455e905c8610626ded8365f6

    SHA1

    b9992dc40e106a0dbb7c9f3f7ff0322c2a50052d

    SHA256

    9ddf9299c65215486e5ccabc39e941a739c296a9a181d98551bc2a5ad2278e22

    SHA512

    94f8370f9a8aa486d8a74990cb785b6d6c84cee73f934776675a2606149ee8028b43ce800be44f090779f1e7963c8031b0ad2c4afcef0d0f98d9a2579bbd01df

    Download Submit

  • memory/1100-127-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-130-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-118-0x0000000000710000-0x0000000000810000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1100-119-0x00000000021B0000-0x00000000021F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/1100-120-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-121-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1100-124-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-2-0x00000000021B0000-0x00000000021F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/1100-1-0x0000000000710000-0x0000000000810000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1100-3-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1100-133-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-136-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-139-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-143-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-147-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-149-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-152-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-155-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-159-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1100-162-0x0000000000400000-0x0000000000468000-memory.dmp

    Filesize

    416KB

    Download