Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
02/04/2024, 12:48
Static task
static1
Behavioral task
behavioral1
Sample
8d01cc26b0451a985f22c3c4b0d5d38e_JaffaCakes118.ps1
Resource
win7-20240221-en
2 signatures
150 seconds
General
-
Target
8d01cc26b0451a985f22c3c4b0d5d38e_JaffaCakes118.ps1
-
Size
922KB
-
MD5
8d01cc26b0451a985f22c3c4b0d5d38e
-
SHA1
f7595594ad3aa9a301e433b88bc7fe2a2bd093f9
-
SHA256
00478fe24efb8f6a974b15a4ea214eb66dd27f142867b8c6238bfd06e2966ef6
-
SHA512
2c00abe6bba0e7e3db8481174650f0a631ad79506a097bac4114b7628df0f464c710967451704523135f066682a5d61b7ecaa537c07f43c9c612a88117ddb523
-
SSDEEP
6144:47r30L+v/27COS9HkwK56zXyNp+UEPVopoo5t6:/6p
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses (1 IoCs)
pid: 2320
Process: powershell.exe
-
Suspicious use of AdjustPrivilegeToken (1 IoCs)
description: Token: SeDebugPrivilege
pid: 2320
Process: powershell.exe