Overview

overview

10

Static

static

3

JaffaCakes...57.exe

windows7-x64

10

JaffaCakes...57.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-01-2025 19:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_d05bb6e2dd8b80fca50af85296dca757.exe

  • Size

    347KB

  • MD5

    d05bb6e2dd8b80fca50af85296dca757

  • SHA1

    02f3ee798b04f233e622a400d58688d464ae322f

  • SHA256

    beb6aae479299a359e58a6dea775616b30ae474c7de0e2083f50997455273632

  • SHA512

    d1477933d96159a5c882f9251fab29775ace5c320f1dd31712017eef0fe27b34f7f6440b738aef0cdd31876492a0b191b4d5719ce85f474de23b6c95e478d5e4

  • SSDEEP

    6144:ZLNfr9ti3Q7FnY3gH+X+0qH77kliXQIxZetZvuyLEHyglIADG8elQ:Zhfrbi3Qt+WKBk7giXQfaXxDd

Score
10/10
cryptbotdiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

veoalm42.top

moruhx04.top
Attributes
  • payload_url

    http://tynjua14.top/download.php?file=lv.exe

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_d05bb6e2dd8b80fca50af85296dca757.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_d05bb6e2dd8b80fca50af85296dca757.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    PID:1212

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\hsLfKdCHixik\HpVNcOHySRayfg.zip
    Filesize

    47KB

    MD5

    b73ed7045f5677686a82c6376ed0f5d0

    SHA1

    f51a08062583825b98dde64d57d44079a947696e

    SHA256

    c7b598246da6ef1e111845e73532f55e87eb51f70719b3ae9f0284f084c87853

    SHA512

    99d181e6d4fcf13155603bc2574163ac3d0254766d9afa6bde53f36c7a7ba089fb5d8a70e42776895faed3ba878ab1f32fd48e952c9f19555132c5f0db8e3ce5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\hsLfKdCHixik\_Files\_Information.txt
    Filesize

    4KB

    MD5

    494f6b85892731d82da751a1b18b1c1a

    SHA1

    14859afd8a06c79ec4a23a22184b1e5796085c43

    SHA256

    dcfea05edab015d3e655b8d4610e55924a08dae61974f730b079a3c43f5945d7

    SHA512

    b33cdc5d0e518707551de7cc3d5a5dae8951819077767f749063ecbea9e1e3767dd139527f2eafdf7f6e48a1f815eac60a1d44667526b8f8c9be4d1a34e0efa0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\hsLfKdCHixik\_Files\_Screen_Desktop.jpeg
    Filesize

    53KB

    MD5

    1e9b75bbaf60d2724d253ba08b99529f

    SHA1

    75b4e949caa3150c3e2ad994ea1d42b8690ed446

    SHA256

    43d17830250f6a996e49491986b93db761ebc9416f7452863e6610aec312a655

    SHA512

    886ff46b2a893e3767247dbccfb7a22858de7dc0f70a8dbca337ebe88c4e64cf5fc7c75ba79ee46bdfaedb050f560c0fc1d905dadcf1ecffc3497651243b5a1b

    Download Submit

  • memory/1212-113-0x0000000003180000-0x00000000031A5000-memory.dmp

    Filesize

    148KB

    Download

  • memory/1212-128-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-0-0x0000000003180000-0x00000000031A5000-memory.dmp

    Filesize

    148KB

    Download

  • memory/1212-118-0x00000000031B0000-0x00000000031F5000-memory.dmp

    Filesize

    276KB

    Download

  • memory/1212-117-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-120-0x0000000000400000-0x0000000000448000-memory.dmp

    Filesize

    288KB

    Download

  • memory/1212-122-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-1-0x00000000031B0000-0x00000000031F5000-memory.dmp

    Filesize

    276KB

    Download

  • memory/1212-125-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-2-0x0000000000400000-0x0000000000448000-memory.dmp

    Filesize

    288KB

    Download

  • memory/1212-131-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-135-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-138-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-141-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-144-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-147-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-151-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-154-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-157-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download

  • memory/1212-160-0x0000000000400000-0x0000000002F1D000-memory.dmp

    Filesize

    43.1MB

    Download