Overview

overview

10

Static

static

3

f52ab129d5...18.exe

windows7-x64

10

f52ab129d5...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/04/2024, 05:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f52ab129d57c3ae0d8c9f20dbf3aa3f1_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    f52ab129d57c3ae0d8c9f20dbf3aa3f1

  • SHA1

    9b83b9a01d6efe26a7ddaf85f5bc86c285240a89

  • SHA256

    ddd0aeb8bab5cce9061fc25f83a4629e94e4f643cb441468e2f48668fe497c54

  • SHA512

    0725b3590582065287c4cf7fe582440c5a8ad18ac9ce8a284ab3129b58067ac23e1251d451cf74a236e3936dcb60ca9c77b81f4ceefa55c3801696829263433c

  • SSDEEP

    24576:rKgQX1RjguYXBa/cp2ST+s8MWPZ2zKNATQrYQ+XpnsEGfE3cY9RXFUTHxpVP:rLQlRjgfaUT+aUZhcQXwpnRGKcY97Urh

Score
10/10
mimikatz

Malware Config

Signatures

  • Mimikatz

    mimikatz is an open source tool to dump credentials on Windows.

    mimikatz
  • mimikatz is an open source tool to dump credentials on Windows 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f52ab129d57c3ae0d8c9f20dbf3aa3f1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f52ab129d57c3ae0d8c9f20dbf3aa3f1_JaffaCakes118.exe"
    1⤵
      PID:2392

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2392-0-0x0000000000EA0000-0x000000000100E000-memory.dmp

      Filesize

      1.4MB

      Download

    • memory/2392-1-0x00000000018B0000-0x00000000018B6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/2392-2-0x00007FFDFD9A0000-0x00007FFDFE461000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/2392-3-0x0000000001EB0000-0x0000000001EC0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2392-4-0x000000001D710000-0x000000001D85F000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2392-5-0x000000001D710000-0x000000001D85F000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2392-6-0x000000001DDB0000-0x000000001DEFB000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2392-7-0x00007FFDFD9A0000-0x00007FFDFE461000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/2392-8-0x0000000001EB0000-0x0000000001EC0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2392-9-0x000000001DDB0000-0x000000001DEFB000-memory.dmp

      Filesize

      1.3MB

      Download