Overview

overview

10

Static

static

10

JaffaCakes...09.exe

windows7-x64

10

JaffaCakes...09.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    93s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-12-2024 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_910287d16c1c58e12c5d5742c2cf811d4072e768d9674cb6845833c7b1260909.exe

  • Size

    504KB

  • MD5

    b5e582df7efbe899267cdf8be82bcaff

  • SHA1

    2ae69bbf0e6304597dec52aebd51dbab76d7ab60

  • SHA256

    910287d16c1c58e12c5d5742c2cf811d4072e768d9674cb6845833c7b1260909

  • SHA512

    b3dd52da61df6a7eb74ea0b5e3c2e9711d2f5104e8b10b239c18399ae688adb74c603b17fadb7c7f14c1eebb0cf884e1831486e2ddcc92e74ce5068e35f0005c

  • SSDEEP

    12288:Tbo7ydYUzsV7qJJHBaZuK6sfFCKsfZDIVSd:PcydvzsZqIuKBf2ZX

Score
10/10
remcosrat

Malware Config

Signatures

  • Remcos

    Remcos is a closed-source remote control and surveillance software.

    ratremcos
  • Remcos family
    remcos

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_910287d16c1c58e12c5d5742c2cf811d4072e768d9674cb6845833c7b1260909.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_910287d16c1c58e12c5d5742c2cf811d4072e768d9674cb6845833c7b1260909.exe"
    1⤵
      PID:3916

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3916-0-0x0000000000580000-0x00000000005FE000-memory.dmp

      Filesize

      504KB

      Download