Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
04-07-2024 23:31
General
-
Target
26a39d0134a6a0cf7cc04e45944cf632_JaffaCakes118.dll
-
Size
433KB
-
MD5
26a39d0134a6a0cf7cc04e45944cf632
-
SHA1
a0701990d6096a35c665b90c1bd05d304ab221e3
-
SHA256
64a4f5c36756a77895b7293cd29993d15e681c3235dfbfe18a4effe1095c9d80
-
SHA512
0780b5855c8fd839d0cd6be0a93ff4871e1310bc6f074e9e245899da6c04802fe975587d91e63ae92201fabb149769e1aea31b36232a7a3e268e6439b64fe7d1
-
SSDEEP
6144:vIxv11OXWGod2s5k/qF8Rht5+bzo+1cNwPLvoqg0R2VhPefm0TozUS87s5FEpy8A:uiRmkiWRht5wzo+1c2obY7QzcU8CKXy
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\26a39d0134a6a0cf7cc04e45944cf632_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\26a39d0134a6a0cf7cc04e45944cf632_JaffaCakes118.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2040-0-0x0000000059D70000-0x0000000059F58000-memory.dmpFilesize
1.9MB
-
memory/2040-2-0x0000000059D70000-0x0000000059F58000-memory.dmpFilesize
1.9MB
-
memory/2040-1-0x0000000059D70000-0x0000000059F58000-memory.dmpFilesize
1.9MB
-
memory/2040-5-0x0000000059F14000-0x0000000059F15000-memory.dmpFilesize
4KB
-
memory/2040-4-0x00000000001A0000-0x00000000001A1000-memory.dmpFilesize
4KB
-
memory/2040-3-0x0000000000290000-0x00000000002E0000-memory.dmpFilesize
320KB