Analysis
max time kernel: 150s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-06-2024 18:32
Static task: static1
Behavioral task: behavioral1
  Sample: 0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118.exe
Size: 100KB
MD5: 0f1a5666c9775d2b44dda70de661bb7d
SHA1: 4b825c8c20c58ab6d109035d0168af633cefbca7
SHA256: b0a39c9667944f066ff4d59094a1cad331587236ea385d4ecc48b647236ad427
SHA512: 1d84b0088d4f7858d379f6e0084ce889b31175695b522af51a2d5ea1658a082ab6704a1822b9267b3b418139f40a3fa0ae7f8b5609a9f4bacd6318722406319f
SSDEEP: 1536:ug0+Rd+TotduPhWqdRiz3L736JdWSoZKfR6zuE:rdIPJ5R8L7qHWSA
Malware Config
Extracted family: guloader
Extracted URL: http://mtspsmjeli.sch.id/cl/XP_remcos%202021_HzUYr10.bin
Signatures
Guloader, Cloudeye: a shellcode-based downloader first seen in 2020.
Suspicious use of SetWindowsHookEx (1 IoC)
  Processes: pid 2524, process 0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118.exe
Downloads
memory/2524-2-0x0000000002140000-0x000000000214C000-memory.dmp (Filesize: 48KB)