Overview

overview

10

Static

static

3

JaffaCakes...d9.exe

windows7-x64

10

JaffaCakes...d9.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2024, 21:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_36ad25dda15ea5a29b5aa738f1e60bd9.exe

  • Size

    415KB

  • MD5

    36ad25dda15ea5a29b5aa738f1e60bd9

  • SHA1

    aaa36d292fb1a899116506006ccb2b207fda8a79

  • SHA256

    a13eacd014b6b5032f0b2e0c18bf380f4f371b181e750e7d421870cb6c59aeff

  • SHA512

    70290d735975d71dd9c2bdb01e2805efcb5f7cab81045d201ac1c00a165a8765d508719f0531f2a65ed545f7849997598d1ae455c385d07e6e109f725873b249

  • SSDEEP

    12288:UPSzFKiNNuutzGGP9kYSy1wYJd3d8WPEkLS3C:UPS02ntyS9kI1r8WPE

Score
10/10
cryptbotdiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

cemnba72.top

morvuy07.top
Attributes
  • payload_url

    http://bojpyv10.top/download.php?file=lv.exe

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_36ad25dda15ea5a29b5aa738f1e60bd9.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_36ad25dda15ea5a29b5aa738f1e60bd9.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    PID:1168

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\KDSTKyrQ\_Files\_Information.txt
          Filesize

          1KB

          MD5

          94d9531322f271c4c312f1f9e834076e

          SHA1

          63b71c90b63603e319564af8032215735053d937

          SHA256

          5bd4267858c9506b1811452e61f27c96b0e8af915c832f32a9c28fe776e9d79b

          SHA512

          53f4c13c5f194664ea092035377e68cfaf91db3b17c16451c5b09ea512b1b521debfac6c2aec24016c77c92f87ce268be52155f3b770ec83315aeaf11810c233

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\KDSTKyrQ\_Files\_Information.txt
          Filesize

          2KB

          MD5

          9edf9fcc38d010120d7a305a5f8d3919

          SHA1

          3a396f4c94e9a917285649239c4a542834e75ffd

          SHA256

          4e54d3550966e2ca00aab942cf82d68ce95d82ea6786df71daadd94050555857

          SHA512

          248b30ef224f188f815e48a72461b220bbaacb2fc7137d36d526e5bbfd7d54cbf3fbf43532bb57af26485edd96ed5620537400bf5f60816e6210cbabcaa4fcdf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\KDSTKyrQ\_Files\_Information.txt
          Filesize

          4KB

          MD5

          e7b5bbfe65ea399de1b329fb7d83faa4

          SHA1

          73fb159cb9fdd7a5a42951a581de83852b7b42c1

          SHA256

          e501841ca770261b1e9665fa70fe604527a403d15a7f62b39a229a29bd55d789

          SHA512

          70f748601f03aac31b6817e43a2d655a26918e38af071fef4653679330d3c915b8788b626148226a88b0b009e7a94a7bf2ad40469bce4141832203237a958c4d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\KDSTKyrQ\_Files\_Screen_Desktop.jpeg
          Filesize

          58KB

          MD5

          0b4753df38bda063f1c4b187ded0278c

          SHA1

          7a10be35cc7c9dc41b990f7de8babe5d73ea7401

          SHA256

          be10683a865dc4416232bba36d62f40cdc022db6b322e78c83719e7837c797f9

          SHA512

          396a469983995a6f65ebe659af1e58f692ec668113424ad9aadfe8212ae13ab5f097d580c3dabb79c212fb7819032c1e675d55b813579ec37873d9151f3c4bb8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\KDSTKyrQ\ptkjmbwaZeUxUg.zip
          Filesize

          52KB

          MD5

          a3f82aba28ed84c183873d467bb70013

          SHA1

          78a68f574114a16b78ae841dcd7f6fb98d936722

          SHA256

          f7f1d42dabd60d47ecf04376dabff7a593d7515cbdae992628374f12724ee942

          SHA512

          01e0d630406f7fbab89c2c21ac8ac78f4dee40791ef1be05724b335b569cfc0bc7a774f9a430cf0142c13f7f4e8163753285e1b8b96611808edf8629da31147c

          Download Submit

        • memory/1168-132-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-2-0x0000000000900000-0x0000000000945000-memory.dmp

          Filesize

          276KB

          Download

        • memory/1168-118-0x0000000000980000-0x0000000000A80000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/1168-120-0x0000000000900000-0x0000000000945000-memory.dmp

          Filesize

          276KB

          Download

        • memory/1168-119-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-122-0x0000000000400000-0x0000000000448000-memory.dmp

          Filesize

          288KB

          Download

        • memory/1168-124-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-1-0x0000000000980000-0x0000000000A80000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/1168-130-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-126-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-138-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-135-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-3-0x0000000000400000-0x0000000000448000-memory.dmp

          Filesize

          288KB

          Download

        • memory/1168-140-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-143-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-145-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-147-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-150-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-152-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download

        • memory/1168-155-0x0000000000400000-0x0000000000799000-memory.dmp

          Filesize

          3.6MB

          Download