e6600059395da08438f03ab84c0b196a06d506f3d10c1492a4ea7a6eea378646

General

Target

ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe
Size

380KB
MD5

ff8f1b8d21e63e0f2717accd373dcfec
SHA1

23817fab1ebc56d53b593132b48c6603a557da13
SHA256

e6600059395da08438f03ab84c0b196a06d506f3d10c1492a4ea7a6eea378646
SHA512

136c1e7119ce6f233a8006ed576a59a5922df2722df25f4d20dd21840e0b976ea3ba59b40f74c68980f121b7b895699163e76a3639359b042d3f770179d43c64
SSDEEP

6144:MgCMl4SUApom61F2idZecnl20lHRxp3gEncduD7yB9VCO6Sco4q8+dE6CqvFufV:Ms4EpHgF3Z4mxxXDqVTVOC49

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2156	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe

Drops file in Program Files directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\MSINFO\51B36E3D.dll	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSINFO\51B36E3D.dat	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\MSINFO\51B36E3D.dat	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSINFO\51B36E3D.dll	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe

Drops file in Windows directory 2 IoCs

description	ioc	Process
File created	C:\Windows\Help\51B36E3D.chm	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe
File opened for modification	C:\Windows\Help\51B36E3D.chm	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2156	ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\ff8f1b8d21e63e0f2717accd373dcfec_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
PID:2156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\Help\51B36E3D.chm

Filesize
380KB

MD5
ff8f1b8d21e63e0f2717accd373dcfec

SHA1
23817fab1ebc56d53b593132b48c6603a557da13

SHA256
e6600059395da08438f03ab84c0b196a06d506f3d10c1492a4ea7a6eea378646

SHA512
136c1e7119ce6f233a8006ed576a59a5922df2722df25f4d20dd21840e0b976ea3ba59b40f74c68980f121b7b895699163e76a3639359b042d3f770179d43c64

Download Submit
\Program Files\Common Files\Microsoft Shared\MSInfo\51B36E3D.dll

Filesize
41KB

MD5
b9d531fd82d82f893a388ef6407cdee6

SHA1
f167dad349caec44db06b56627ac576ee922bfd3

SHA256
15825c6d0439d518737d07356f228d851b5c1073f250cfe86cf1a4d26b4a2d5e

SHA512
91e802993eb70083b8fa0470920c63a1eb8b64cafc4f2a360e29dd1d41a948d5fdfd7e6a1c6ae63715097a6445c016b4124d6a47abe8502c4524ef8f6317fd6f

Download Submit
memory/2156-25-0x0000000003210000-0x0000000003211000-memory.dmp

Filesize
4KB

Download
memory/2156-28-0x00000000031C0000-0x00000000031C1000-memory.dmp

Filesize
4KB

Download
memory/2156-20-0x0000000003190000-0x0000000003191000-memory.dmp

Filesize
4KB

Download
memory/2156-19-0x0000000000500000-0x0000000000501000-memory.dmp

Filesize
4KB

Download
memory/2156-18-0x0000000001E00000-0x0000000001E01000-memory.dmp

Filesize
4KB

Download
memory/2156-29-0x00000000031B0000-0x00000000031B1000-memory.dmp

Filesize
4KB

Download
memory/2156-16-0x00000000005B0000-0x00000000005B1000-memory.dmp

Filesize
4KB

Download
memory/2156-15-0x00000000004E0000-0x00000000004E1000-memory.dmp

Filesize
4KB

Download
memory/2156-14-0x00000000004F0000-0x00000000004F1000-memory.dmp

Filesize
4KB

Download
memory/2156-13-0x0000000001DF0000-0x0000000001DF1000-memory.dmp

Filesize
4KB

Download
memory/2156-12-0x0000000000510000-0x0000000000511000-memory.dmp

Filesize
4KB

Download
memory/2156-0-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-2-0x0000000000530000-0x0000000000531000-memory.dmp

Filesize
4KB

Download
memory/2156-23-0x0000000003200000-0x0000000003201000-memory.dmp

Filesize
4KB

Download
memory/2156-22-0x00000000031D0000-0x00000000031D1000-memory.dmp

Filesize
4KB

Download
memory/2156-24-0x0000000003170000-0x0000000003175000-memory.dmp

Filesize
20KB

Download
memory/2156-1-0x0000000000540000-0x0000000000594000-memory.dmp

Filesize
336KB

Download
memory/2156-26-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/2156-21-0x0000000003180000-0x0000000003182000-memory.dmp

Filesize
8KB

Download
memory/2156-27-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2156-17-0x00000000005A0000-0x00000000005A1000-memory.dmp

Filesize
4KB

Download
memory/2156-30-0x00000000031A0000-0x00000000031A1000-memory.dmp

Filesize
4KB

Download
memory/2156-31-0x00000000031F0000-0x00000000031F1000-memory.dmp

Filesize
4KB

Download
memory/2156-32-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-33-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-34-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-35-0x0000000000540000-0x0000000000594000-memory.dmp

Filesize
336KB

Download
memory/2156-36-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-37-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-38-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-39-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-40-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-41-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-42-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-44-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-45-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/2156-46-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads