Analysis
-
max time kernel
143s -
max time network
148s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
26/04/2024, 06:41
General
-
Target
003585b77570580adca863d4ef390f1b_JaffaCakes118.exe
-
Size
224KB
-
MD5
003585b77570580adca863d4ef390f1b
-
SHA1
148f4bc19b9fb3b27b53c102baa37656835fb2ca
-
SHA256
2be98f87fd727b69bbe28b79b25b2285245828b56448748e2bf7a09c58c780dd
-
SHA512
d0c6cbbbb27074e55c273a4704d6cd4b65d716f23ca07b32769d012c37c7f022a67bb9eeaafc080b9fcc61dc04c82406e86fc238edcb22815462389e14a87ee6
-
SSDEEP
3072:5M9jG0zeb+Bd7ljqaULpJKV/WxlX8sh+li7pBNi2VYCT8NbHyf+AViaO4V:5gzQ+D7ljXma/WxSTi7rT8xHY64V
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Suspicious behavior: RenamesItself 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\003585b77570580adca863d4ef390f1b_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\003585b77570580adca863d4ef390f1b_JaffaCakes118.exe"1⤵
- Loads dropped DLL
- Suspicious behavior: RenamesItself
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\generalmsagl.exe"C:\Users\Admin\AppData\Local\Temp\generalmsagl.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
224KB
MD5003585b77570580adca863d4ef390f1b
SHA1148f4bc19b9fb3b27b53c102baa37656835fb2ca
SHA2562be98f87fd727b69bbe28b79b25b2285245828b56448748e2bf7a09c58c780dd
SHA512d0c6cbbbb27074e55c273a4704d6cd4b65d716f23ca07b32769d012c37c7f022a67bb9eeaafc080b9fcc61dc04c82406e86fc238edcb22815462389e14a87ee6