Analysis
max time kernel: 123s
max time network: 142s
platform: windows10-2004_x64
resource: win10v2004-20240226-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
submitted: 08-04-2024 18:07
Static task
static1
Behavioral task
behavioral1
Sample
e8164af68b74d5accdee8442816d45c8_JaffaCakes118.exe
Resource
win7-20240215-en
General
Target: e8164af68b74d5accdee8442816d45c8_JaffaCakes118.exe
Size: 20KB
MD5: e8164af68b74d5accdee8442816d45c8
SHA1: cf540bc52b6c9756deab7a8cb4d21923159732cc
SHA256: 8900d008a65f0023379337f37e48920f0446f4632ba630f3093801e04f76ae1a
SHA512: 68346de47bede9407e90561e53f34dfc67b6da53f44dd45ae62c192af09ce8df30ce9d07d15d79a05ec5f882a4331e3f6f346c760e53f21d0ca2ce380c52b3b1
SSDEEP: 96:/lx9XBhvtjXHbjtSJ0in3N9HDXNxOhDE+2DLlI2:/TZXFj3bjti99HDXNSDEJpI
Malware Config
Signatures
Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
Processes:
flow: 6
ioc: https://jira.ops.aol.com/secure/attachment/688199/failwhale.html
Drops file in System32 directory 1 IoCs
Processes:
e8164af68b74d5accdee8442816d45c8_JaffaCakes118.exe
description: File created
ioc: \??\c:\windows\SysWOW64\iexplorer.exe
process: e8164af68b74d5accdee8442816d45c8_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
e8164af68b74d5accdee8442816d45c8_JaffaCakes118.exe
pid: 3528
process: e8164af68b74d5accdee8442816d45c8_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
C:\Windows\SysWOW64\iexplorer.exe
Filesize: 504KB
MD5: c43ff15dea35ebbf59939f08fe919656
SHA1: 8828e79191832342047ada6104eb2fc0eaf2d6f7
SHA256: 6e03eb20ec31e67cfa0d5d497790b19fa5b5a8a8f9f913a59cc13a097af05ad7
SHA512: 35e8ca898a89da3951a87c44191aa1e1b89b4aa9ea6c1f12da3012ccb8d503219f5f5a657edb6ffb097269436a76de0cdd9aa1105b8af3ad0c194dc12c730af9