05efeeca3bfd8ffbc81944fee76277d14e281ebc32ce5f1000d36fb70a1a4a65

Analysis

max time kernel
145s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
21/04/2024, 18:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ffdf1696eba0e3540058a2c5222ba936_JaffaCakes118.exe
Size

486KB
MD5

ffdf1696eba0e3540058a2c5222ba936
SHA1

59ea10c2b729cdf01365ac802861f2e35fe11ce9
SHA256

05efeeca3bfd8ffbc81944fee76277d14e281ebc32ce5f1000d36fb70a1a4a65
SHA512

292e9fb3a62bb798992ffc39fc577cbda377671e3b0bf0a07d7b081ce53980db015e71e689298719585d29e6a0a66a7d29834d7f18843e2b981163366495ef12
SSDEEP

12288:Z9T1MvAE7fF2eFDeO+AeiX5FXQIvgtrzi7a7bgP5sCqqh:/jqfYm5+AX5FXQIItXi70EP5sTq

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffdf1696eba0e3540058a2c5222ba936_JaffaCakes118.lnk	ffdf1696eba0e3540058a2c5222ba936_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\ffdf1696eba0e3540058a2c5222ba936_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\ffdf1696eba0e3540058a2c5222ba936_JaffaCakes118.exe"
1⤵
- Drops startup file
PID:3052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3052-0-0x0000000000700000-0x0000000000701000-memory.dmp

Filesize
4KB

Download
memory/3052-2-0x0000000000720000-0x0000000000721000-memory.dmp

Filesize
4KB

Download
memory/3052-1-0x0000000000710000-0x0000000000712000-memory.dmp

Filesize
8KB

Download
memory/3052-3-0x00000000007F0000-0x00000000007F1000-memory.dmp

Filesize
4KB

Download
memory/3052-4-0x0000000000EC0000-0x0000000000EC1000-memory.dmp

Filesize
4KB

Download
memory/3052-6-0x0000000000EE0000-0x0000000000EE1000-memory.dmp

Filesize
4KB

Download
memory/3052-8-0x0000000001890000-0x00000000018BC000-memory.dmp

Filesize
176KB

Download
memory/3052-9-0x0000000000F50000-0x0000000000F51000-memory.dmp

Filesize
4KB

Download
memory/3052-7-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/3052-12-0x0000000000F60000-0x0000000000F61000-memory.dmp

Filesize
4KB

Download
memory/3052-14-0x0000000000F70000-0x0000000000F71000-memory.dmp

Filesize
4KB

Download
memory/3052-15-0x0000000001840000-0x0000000001841000-memory.dmp

Filesize
4KB

Download
memory/3052-16-0x0000000001850000-0x0000000001851000-memory.dmp

Filesize
4KB

Download
memory/3052-5-0x0000000000ED0000-0x0000000000ED1000-memory.dmp

Filesize
4KB

Download
memory/3052-17-0x0000000001860000-0x0000000001861000-memory.dmp

Filesize
4KB

Download
memory/3052-18-0x0000000001880000-0x0000000001881000-memory.dmp

Filesize
4KB

Download
memory/3052-19-0x00000000018C0000-0x00000000018C1000-memory.dmp

Filesize
4KB

Download
memory/3052-22-0x00000000018D0000-0x00000000018D1000-memory.dmp

Filesize
4KB

Download
memory/3052-23-0x00000000018E0000-0x00000000018E1000-memory.dmp

Filesize
4KB

Download
memory/3052-24-0x00000000018F0000-0x00000000018F1000-memory.dmp

Filesize
4KB

Download
memory/3052-26-0x0000000001900000-0x0000000001901000-memory.dmp

Filesize
4KB

Download
memory/3052-27-0x0000000001910000-0x0000000001911000-memory.dmp

Filesize
4KB

Download
memory/3052-29-0x0000000001950000-0x0000000001951000-memory.dmp

Filesize
4KB

Download
memory/3052-30-0x0000000001870000-0x0000000001871000-memory.dmp

Filesize
4KB

Download
memory/3052-28-0x0000000001920000-0x0000000001921000-memory.dmp

Filesize
4KB

Download
memory/3052-31-0x0000000000F40000-0x0000000000F42000-memory.dmp

Filesize
8KB

Download
memory/3052-32-0x0000000001930000-0x0000000001931000-memory.dmp

Filesize
4KB

Download
memory/3052-34-0x0000000001970000-0x0000000001971000-memory.dmp

Filesize
4KB

Download
memory/3052-33-0x0000000001940000-0x0000000001941000-memory.dmp

Filesize
4KB

Download
memory/3052-44-0x00000000033C0000-0x00000000033C1000-memory.dmp

Filesize
4KB

Download