Overview

overview

10

Static

static

3

JaffaCakes...ea.exe

windows7-x64

10

JaffaCakes...ea.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-12-2024 11:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_51adb9247012627a5e206ab777d77bee8e8f8b5e364d3e2df6df53c2f6da00ea.exe

  • Size

    393KB

  • MD5

    3c732dc10c69e957a4d38165c82b71ed

  • SHA1

    71a32204d4c3e6783d617c9a3a8ec62f9cb68836

  • SHA256

    51adb9247012627a5e206ab777d77bee8e8f8b5e364d3e2df6df53c2f6da00ea

  • SHA512

    5c43393f6e0b1fde37459e83c6b6ef6361f9d86ba4859765ec989b9e499e01c4d6a053bdb989e4449756c7d1bcd63c01e17599f446ab986a7d5a60c79a271cd3

  • SSDEEP

    6144:2g20NbsBNmedasOtnitCJ0lDvEwR9eMxrHuz2XbvR9iH4OPTv3:2g2sb6m0KlitCa1vbrROqDRKVPr

Score
10/10
cryptbotcredential_accessdiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

unic12m.top

unic12e.top

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_51adb9247012627a5e206ab777d77bee8e8f8b5e364d3e2df6df53c2f6da00ea.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_51adb9247012627a5e206ab777d77bee8e8f8b5e364d3e2df6df53c2f6da00ea.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    PID:552

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\UaVygKUBhg\_Files\_Files\SplitSearch.txt
    Filesize

    796KB

    MD5

    7ef2fb88d33cf2f526aa7c4e89e2bb3d

    SHA1

    6470f7be7b0e90a87661dfe665595978e9e99058

    SHA256

    d66c6d89725198ab775a971f2df521cf908478fdb6e7edceb17a507002117788

    SHA512

    e26c6fa699941c8918aae312e533aa1607251fd58b7b4d18e315b92ec0c2599ce39bd420283d6ec88b4ad560e8d3efbf9f5793f5daa63aaf4fedf86905614f64

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UaVygKUBhg\_Files\_Information.txt
    Filesize

    2KB

    MD5

    a29e509cdfd0f8917f1329120d524bef

    SHA1

    5287fd0d151422d484594d9a24e9e7b00daa6758

    SHA256

    a537cd488076ae4326afe80cc61af3fcaa021e58ae7d684bb78c6dd441809f01

    SHA512

    4da022454b3e966e5f673845fa312f99cd5de77876a60598d3aa8f5c58da7c47025cb4bc89e00aea2ffc30eb7aa8d29e1aa3eb68c7d0db409b86b40ebe032536

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UaVygKUBhg\_Files\_Information.txt
    Filesize

    3KB

    MD5

    21b26b5f5540f3e983e3da747225ec18

    SHA1

    5efec926509f9a81508c59950ee502b0369751d0

    SHA256

    38fb1789bedb1c6f348c121ff2ca4971db10d3d82b803a8f74702e403805e117

    SHA512

    9b87e1115fbc8fcd3d3c3f0097cf1bd581bd5179e910aeb4bd78a55142774a132bd4d8fb6c12545dc62f832a17a61b2a2812e963d91bb72e310c2e2312fa7250

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UaVygKUBhg\_Files\_Information.txt
    Filesize

    7KB

    MD5

    aa92fcf126afd53cd24cabd47de1b669

    SHA1

    2d58378f866009de00753bdff7d62a783438b3bd

    SHA256

    31b38a005b7c20e7f76779a2a385c68a5061fa6472ceceb05aa92f0634667626

    SHA512

    a6ecd2fc757a259d6cbd8b936537fc49c42f28f03605646b3f3abdec3799cc647f4c5d2fad38efc719ea04c18fd6a7979bcc3082b117c73ed3dc9d0006706199

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UaVygKUBhg\_Files\_Screen_Desktop.jpeg
    Filesize

    57KB

    MD5

    855a9bc16bc6c94e2d13d48d26935e08

    SHA1

    ddda4752de87ac996381c2d5d346b6f17d124108

    SHA256

    7e3c72d69c1aa459325e40d7ba1aae6cecad8f559ce535170b5affb7cde284df

    SHA512

    eaed50d20ae8ba82067b1d33747045963df8777957204114305381d48f59b8fb49150853aac292c0d1a12b85ddc454909bff257d3eba049deb75376af7d7a289

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\UaVygKUBhg\ctlySiIlPlyfP.zip
    Filesize

    849KB

    MD5

    77cc38f9713d385e938d2f7628bdaf45

    SHA1

    a146c05b0d5f0f9811a3196a435bad484dfaea1a

    SHA256

    c6795af3537f010e41708531c150060838151ffc490d10d651bd21a6ceb2a0ed

    SHA512

    e77b7f1f054f791597fd4f98814dcf9785e1795abe99dc832dcfe5c496a1627ec500a1855f5872ef8e6acf386cff37d82bd6e8dfac54e36d51e2747999640cfa

    Download Submit

  • memory/552-129-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-142-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-123-0x0000000000670000-0x0000000000770000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/552-124-0x00000000021B0000-0x00000000021F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/552-125-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-126-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/552-1-0x0000000000670000-0x0000000000770000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/552-2-0x00000000021B0000-0x00000000021F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/552-132-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-136-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-139-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-3-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/552-146-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-148-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-152-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-154-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-157-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-160-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-162-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-165-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/552-168-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download