4f6ae57221680df5ade7a0bfaca67338508b2e143aeb893c73ef3b7e47f02c15

Analysis

max time kernel
140s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19/04/2024, 06:35 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f9b730e2a2e39f140a87883cd31bebd3_JaffaCakes118.js
Size

208KB
MD5

f9b730e2a2e39f140a87883cd31bebd3
SHA1

cc8f1f3ad894522bade29bcbb7c550f4a46c6769
SHA256

4f6ae57221680df5ade7a0bfaca67338508b2e143aeb893c73ef3b7e47f02c15
SHA512

5d562803f90728ad8b1af66c0a285b621ef050403da07a2f3b78f439376a82c24db7f2404e277ebb3a1b9103e13deac0f6a08e21f0669b38aefcc5694b1de586
SSDEEP

3072:rNXTP+7Z9x+fTnj+ejQyuUT+sbjMgJHdva:pXTZ+eLksbjNla

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\f9b730e2a2e39f140a87883cd31bebd3_JaffaCakes118.js
1⤵
PID:2252

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3920 --field-trial-handle=2280,i,4114443225282860369,4764091921472631035,262144 --variations-seed-version /prefetch:8
1⤵
PID:1172

Network

DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

69.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.31.126.40.in-addr.arpa

IN PTR

Response
DNS

241.150.49.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.150.49.20.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

24.139.73.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.139.73.23.in-addr.arpa

IN PTR

Response

24.139.73.23.in-addr.arpa

IN PTR

a23-73-139-24deploystaticakamaitechnologiescom
DNS

91.90.14.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.90.14.23.in-addr.arpa

IN PTR

Response

91.90.14.23.in-addr.arpa

IN PTR

a23-14-90-91deploystaticakamaitechnologiescom
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

82.90.14.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

82.90.14.23.in-addr.arpa

IN PTR

Response

82.90.14.23.in-addr.arpa

IN PTR

a23-14-90-82deploystaticakamaitechnologiescom
DNS

88.16.208.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.16.208.104.in-addr.arpa

IN PTR

Response

142.250.187.234:443

46 B
40 B
1
1
13.107.253.64:443

46 B
40 B
1
1

8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

209.205.72.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

209.205.72.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

69.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

69.31.126.40.in-addr.arpa
8.8.8.8:53

241.150.49.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.150.49.20.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

24.139.73.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

24.139.73.23.in-addr.arpa
8.8.8.8:53

91.90.14.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

91.90.14.23.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

82.90.14.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

82.90.14.23.in-addr.arpa
8.8.8.8:53

88.16.208.104.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

88.16.208.104.in-addr.arpa

Windows 7 deprecation

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.