e0f5452be76a169d0dcd33df11d7108983b75fcbe9a8a9924b094630365068dc

Analysis

max time kernel
149s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 10:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

eae1c1b8aa5c8cc7583f7332a330f5cc_JaffaCakes118.exe
Size

102KB
MD5

eae1c1b8aa5c8cc7583f7332a330f5cc
SHA1

3f736fd3a33225a8c6a307292b3c2b063314ba97
SHA256

e0f5452be76a169d0dcd33df11d7108983b75fcbe9a8a9924b094630365068dc
SHA512

79d11cd9a4dfdf59d9f128f4597cb9a439a5ce8cb365e2c1f8905dd164953b0f1ae956d79edebf0c22a8ffa135a4281243f90bd494046db3c105e7d78ef54138
SSDEEP

1536:YA4ZpxpoDaUt/cesv5DZo8KxwWHO7X/nsavQvnlIHM59OamZrc37:mVgaqkTNvqG/ndvKlZtmS37

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2440	eae1c1b8aa5c8cc7583f7332a330f5cc_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1296	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1296	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\eae1c1b8aa5c8cc7583f7332a330f5cc_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\eae1c1b8aa5c8cc7583f7332a330f5cc_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
PID:2440

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x320 0x478
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\CodeGen.dll

Filesize
48KB

MD5
7be6f0341beeb984cfdcdde90ed9a9b1

SHA1
bf04a4d80d07cef0aff54c02d74fe53c715658cb

SHA256
099477845feb2cc1bc852b1001c6007e5fc52cc0bb154dcfe9f324040f056717

SHA512
f3183e87f7a3f6223b6c0b2843e7627166268f9538eb28bc2c9478b934eb148fb0cd2d12651d9fc65f0c9e8b1460e9ffdeef612eb5c71436ccef166d01d69de0

Download Submit
memory/2440-11-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-13-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-6-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-7-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-8-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-9-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-1-0x00000000021D0000-0x00000000021D2000-memory.dmp

Filesize
8KB

Download
memory/2440-10-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-12-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-0-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-14-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-15-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-16-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-17-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-18-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2440-19-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads