Overview

overview

10

Static

static

3

JaffaCakes...be.exe

windows7-x64

10

JaffaCakes...be.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2025 00:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_b576cf6ecfa87f4f9eaa636a46b758be.exe

  • Size

    232KB

  • MD5

    b576cf6ecfa87f4f9eaa636a46b758be

  • SHA1

    a42611662c0d224ddd163a59af2efcec2f71a886

  • SHA256

    5697e8e6906901aa2a2353afc258b9766773dbea0e051f2de24cd39c2045668b

  • SHA512

    d42575c42c40eeeb132c0c152c925b6790373b235fc87b7cee535e2e1470d7a875afcd9eb3a177d07da5fa5fd4fe54b49f70e405f562ab4f9be8826a135a9b07

  • SSDEEP

    6144:ngxInv9KvT3MOO3mH5diTCKgaIADG8elp:nGInlYiTCmxDE

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Signatures

  • SmokeLoader

    Modular backdoor trojan in use since 2014.

    trojanbackdoorsmokeloader
  • Smokeloader family
    smokeloader
  • Loads dropped DLL 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_b576cf6ecfa87f4f9eaa636a46b758be.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_b576cf6ecfa87f4f9eaa636a46b758be.exe"
    1⤵
    • Loads dropped DLL
    PID:1980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1105.tmp
    Filesize

    1.2MB

    MD5

    d124f55b9393c976963407dff51ffa79

    SHA1

    2c7bbedd79791bfb866898c85b504186db610b5d

    SHA256

    ea1e16247c848c8c171c4cd1fa17bc5a018a1fcb0c0dac25009066b6667b8eef

    SHA512

    278fe3a4b1fbbe700e4f4483b610133e975e36e101455661d5197bd892a68839b9d555499040d200c92aefa9e3819380e395c0cd85d5fc845c6364d128a8cf06

    Download Submit

  • memory/1980-1-0x0000000000240000-0x0000000000249000-memory.dmp

    Filesize

    36KB

    Download

  • memory/1980-0-0x0000000000220000-0x0000000000228000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1980-2-0x0000000000400000-0x0000000000409000-memory.dmp

    Filesize

    36KB

    Download

  • memory/1980-7-0x0000000000240000-0x0000000000249000-memory.dmp

    Filesize

    36KB

    Download

  • memory/1980-8-0x0000000000220000-0x0000000000228000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1980-9-0x0000000000400000-0x0000000000409000-memory.dmp

    Filesize

    36KB

    Download

  • memory/1980-6-0x0000000000400000-0x0000000002F01000-memory.dmp

    Filesize

    43.0MB

    Download