5d1d78a172e3366f558e985c5d3d1f1c8a0851b0f065e84ee629381847ef5a3d

Analysis

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20240319-en
resource tags

arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
submitted
15/04/2024, 10:25

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f0d6224097f6a6a845ca2089e7728d5b_JaffaCakes118.exe
Size

383KB
MD5

f0d6224097f6a6a845ca2089e7728d5b
SHA1

d7dbfa0297e6f3774f28e604901d17be8471df3c
SHA256

5d1d78a172e3366f558e985c5d3d1f1c8a0851b0f065e84ee629381847ef5a3d
SHA512

9c5d490f26b215e1a09ef24bc24b1b5cba51791b13fd2cc9ca89f7c31562ea08d7e3ad3d72b746b4225b96e681b5b93be969e59a72f7a103a901c3016270a4ed
SSDEEP

3072:XxgZGuF/x+Zuo2VRve4Ya9/Q3WIQ90pjFBT6JJpJi1BkBwFQC9zGPTJKWNI5:hYtFMuo2XN/H790pjj6rs9mO2lV

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2610426812-2871295383-373749122-1000\Software\Microsoft\Windows\CurrentVersion\Run\53515a50525d48105b465b = "C:\\Users\\Admin\\nlcv.exe"	f0d6224097f6a6a845ca2089e7728d5b_JaffaCakes118.exe

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
1996	f0d6224097f6a6a845ca2089e7728d5b_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\f0d6224097f6a6a845ca2089e7728d5b_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f0d6224097f6a6a845ca2089e7728d5b_JaffaCakes118.exe"
1⤵
- Adds Run key to start application
- Suspicious behavior: RenamesItself
PID:1996

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads