Overview

overview

10

Static

static

3

JaffaCakes...61.dll

windows7-x64

10

JaffaCakes...61.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    06-01-2025 00:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_046e235e5dad84063e3135e65f58b461.dll

  • Size

    825KB

  • MD5

    046e235e5dad84063e3135e65f58b461

  • SHA1

    823510e34c44667b341064a13bb67e6d4e489c1c

  • SHA256

    1c582548950d5bd2ed2d5e2b6db39f8b7f078e5ff667d2ebb9944205656f5336

  • SHA512

    c33b589e9fa864844813b9681e49f146a387a4256a817c575bb28b8a4ef86134921e1c4f511c784e49e4b7f996762b2696f7f5f9d09136b8fe46a2f30f3e8087

  • SSDEEP

    12288:NafGVgqM7aafQIbyhxi5zhRSAofMvG9VWTY3DdWyS5EPGy:NafGVJwyAq+hfgAG9VWGdWyIy

Score
10/10
bazarloaderdropperloader

Malware Config

Signatures

  • Bazar Loader

    Detected loader normally used to deploy BazarBackdoor malware.

    loaderdropperbazarloader
  • Bazarloader family
    bazarloader
  • Bazar/Team9 Loader payload 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_046e235e5dad84063e3135e65f58b461.dll
    1⤵
      PID:2336

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2336-3-0x0000000180000000-0x0000000180030000-memory.dmp

      Filesize

      192KB

      Download

    • memory/2336-2-0x0000000180000000-0x0000000180030000-memory.dmp

      Filesize

      192KB

      Download

    • memory/2336-0-0x0000000002190000-0x00000000021B9000-memory.dmp

      Filesize

      164KB

      Download

    • memory/2336-4-0x0000000180000000-0x0000000180030000-memory.dmp

      Filesize

      192KB

      Download