Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
15-04-2024 17:08
Static task
static1
Behavioral task
behavioral1
Sample
f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe
-
Size
1.3MB
-
MD5
f18ee353e998df41e42bba9b08f8c2bb
-
SHA1
9d2999a9f0b48f3daf58138746ed63ce7fff87c5
-
SHA256
16fff93cc6b11e2340af9b406d49c5ef8f219019ddd5c985c4cd0035d25318e3
-
SHA512
b7223defc6dea444aa664547a5506bb4dc59bc0c5b300b7747a47ce12aabbba8bb687b85d247e8972062cf052c1ddb462f06b18beb7087fcb0619d77867bc220
-
SSDEEP
12288:4w7QsLhBN9aTom5Ou3jOh3jr+GBGnr+9q0psu9kVss6NC0ENbkjWd:Thf9aTXEu3YjBGnjis1KTY0E2j
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe
description: Token: SeDebugPrivilege
pid: 2928
process: f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2928-1-0x0000000074A50000-0x000000007513E000-memory.dmp
Filesize
6.9MB
-
memory/2928-0-0x0000000010D40000-0x0000000010E94000-memory.dmp
Filesize
1.3MB
-
memory/2928-2-0x0000000004C60000-0x0000000004CA0000-memory.dmp
Filesize
256KB
-
memory/2928-3-0x0000000074A50000-0x000000007513E000-memory.dmp
Filesize
6.9MB
-
memory/2928-4-0x0000000004C60000-0x0000000004CA0000-memory.dmp
Filesize
256KB