Analysis
max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags
arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
submitted
27-06-2024 03:16
Static task
static1
Behavioral task
behavioral1
Sample
147aa31e67b80c6f184ec06ae5d2162a_JaffaCakes118.dll
Resource
win7-20240611-en
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
147aa31e67b80c6f184ec06ae5d2162a_JaffaCakes118.dll
Resource
win10v2004-20240611-en
1 signatures
150 seconds
General
Target
147aa31e67b80c6f184ec06ae5d2162a_JaffaCakes118.dll
Size
346KB
MD5
147aa31e67b80c6f184ec06ae5d2162a
SHA1
7f170e58fbfdeea7c48592daf78c979c75e2d16c
SHA256
5009deb8788132352f601bb3b2d254bdbf84fca52e260e55edb5d05a8d789c41
SHA512
0aa998ab2d74b4427e59d6c77b246a6bbde586ff84c616c513005283bfe75277c2c8efe5ca3275885f6892e758d13d18c945592701544a267c7e87a5debf3336
SSDEEP
3072:u82jpiC2JG7HZb7XWQml/jz8A4diTE90Q6kF4CKAYRkcj:92L7HN7Kl/jLA90QECrYRpj
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 4544 wrote to memory of 320 | 4544 | rundll32.exe | rundll32.exe
PID 4544 wrote to memory of 320 | 4544 | rundll32.exe | rundll32.exe
PID 4544 wrote to memory of 320 | 4544 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\147aa31e67b80c6f184ec06ae5d2162a_JaffaCakes118.dll,#1
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\147aa31e67b80c6f184ec06ae5d2162a_JaffaCakes118.dll,#1