14d9cf0e814149ff302cdd295fbe9ca8008161bd823108495f8b7255b6132a1a

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
16/04/2024, 20:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f43983c0b161d9ab0e62a9faeb28a2ca_JaffaCakes118.exe
Size

221KB
MD5

f43983c0b161d9ab0e62a9faeb28a2ca
SHA1

bdd7cacc4b907518758312b799d594917e5b5bf4
SHA256

14d9cf0e814149ff302cdd295fbe9ca8008161bd823108495f8b7255b6132a1a
SHA512

8d3c3ee315fac23adfcbe15b0b3a38317bf67d39d6cbc8ebc8d12e90f5dd115d62e847e8f8658f10831c4c85cec5f0a85384d8d006da29c5f4c376ac1d6a85f2
SSDEEP

3072:uypjnhibvrEZWMggc0EXdbWAy1glzV6y1BAaPRmJSBmeBfcyYyUD:xbhg4ZWpJuezIy1nJxDVcyYJ

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\AutomationPro.job	f43983c0b161d9ab0e62a9faeb28a2ca_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\f43983c0b161d9ab0e62a9faeb28a2ca_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f43983c0b161d9ab0e62a9faeb28a2ca_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:1736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1736-4-0x00000000000F0000-0x00000000000F1000-memory.dmp

Filesize
4KB

Download
memory/1736-3-0x0000000000100000-0x0000000000101000-memory.dmp

Filesize
4KB

Download
memory/1736-2-0x0000000000110000-0x0000000000130000-memory.dmp

Filesize
128KB

Download
memory/1736-1-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/1736-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1736-5-0x00000000001B0000-0x00000000001DF000-memory.dmp

Filesize
188KB

Download
memory/1736-9-0x0000000000110000-0x0000000000130000-memory.dmp

Filesize
128KB

Download
memory/1736-17-0x0000000000110000-0x0000000000130000-memory.dmp

Filesize
128KB

Download