Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-04-2024 17:08

General

  • Target

    f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    f18ee353e998df41e42bba9b08f8c2bb

  • SHA1

    9d2999a9f0b48f3daf58138746ed63ce7fff87c5

  • SHA256

    16fff93cc6b11e2340af9b406d49c5ef8f219019ddd5c985c4cd0035d25318e3

  • SHA512

    b7223defc6dea444aa664547a5506bb4dc59bc0c5b300b7747a47ce12aabbba8bb687b85d247e8972062cf052c1ddb462f06b18beb7087fcb0619d77867bc220

  • SSDEEP

    12288:4w7QsLhBN9aTom5Ou3jOh3jr+GBGnr+9q0psu9kVss6NC0ENbkjWd:Thf9aTXEu3YjBGnjis1KTY0E2j

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f18ee353e998df41e42bba9b08f8c2bb_JaffaCakes118.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2928

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2928-1-0x0000000074A50000-0x000000007513E000-memory.dmp
    Filesize

    6.9MB

  • memory/2928-0-0x0000000010D40000-0x0000000010E94000-memory.dmp
    Filesize

    1.3MB

  • memory/2928-2-0x0000000004C60000-0x0000000004CA0000-memory.dmp
    Filesize

    256KB

  • memory/2928-3-0x0000000074A50000-0x000000007513E000-memory.dmp
    Filesize

    6.9MB

  • memory/2928-4-0x0000000004C60000-0x0000000004CA0000-memory.dmp
    Filesize

    256KB