Analysis
-
max time kernel
148s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240412-en locale:en-us os:windows10-2004-x64 system -
submitted
18-04-2024 03:55
Static task
static1
Behavioral task
behavioral1
Sample
f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe
-
Size
1.9MB
-
MD5
f73545dc67c662cb29ce4ee9d8575267
-
SHA1
4e9941a584dc7a58afba7d13cedb812198cc626d
-
SHA256
746aca85027170e18e2b5aa6c56489378cb9ec816dcded77d97916ccbc347e2c
-
SHA512
2e4b88d0d41d69001555d22fb9a390bd13b3a86a7cb0a9884a3c710efdb0d6450bae2e90a64337d5348f21bd3e57e94c8236e3acfdfaf49ffeac7492044be0c4
-
SSDEEP
49152:Qoa1taC070dVRf7cev/bYYMGLtY1cYDd5oVsn:Qoa1taC0sRf7dXb9LWt5oVsn
Malware Config
Signatures
-
Deletes itself 1 IoCs
pid: 2136, Process: 84B1.tmp
-
Executes dropped EXE 1 IoCs
pid: 2136, Process: 84B1.tmp
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 4164 wrote to memory of 2136 | 4164 | f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe | 88
PID 4164 wrote to memory of 2136 | 4164 | f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe | 88
PID 4164 wrote to memory of 2136 | 4164 | f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe | 88
Processes
-
C:\Users\Admin\AppData\Local\Temp\f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe"
- Suspicious use of WriteProcessMemory
PID:4164
  C:\Users\Admin\AppData\Local\Temp\84B1.tmp
  "C:\Users\Admin\AppData\Local\Temp\84B1.tmp" --splash C:\Users\Admin\AppData\Local\Temp\f73545dc67c662cb29ce4ee9d8575267_JaffaCakes118.exe A13ACB7BD5F742B60C4736B5ED8AAC20923BC63A0A825EA9E7AECEBC96A01B176BD2E0D3DA63B1DA9D9BDE1A15946A1E6FAF7FB5428442E58E819B0749E63E71
  - Deletes itself
  - Executes dropped EXE
  PID:2136
-
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
1.9MB
MD5 2c4556fb4d130664d5105926c206accd
SHA1 861a4ea1111a765a21ba403efb34c118d1d58ebb
SHA256 5a7d9b1952c689718c21737ada3a0afb8ca42d37fc0065a3457785079626400a
SHA512 3f56855334aa4b9555f3af2141b5634d3cf384c918fa328df1c294df94f65d4bf171c3b64d9fbb497c62102e7b1134931434b389ce861c602751d10d154cdab2