Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
26/04/2024, 12:12
General
-
Target
00be26eba32ba0d47a39d7a608554f7c_JaffaCakes118.exe
-
Size
412KB
-
MD5
00be26eba32ba0d47a39d7a608554f7c
-
SHA1
abb025885383e4fc2bfa6916b99c9c8ec5adb470
-
SHA256
00d4f868c638dac723c377f049f92b97620089a03c9438636403b5e0627ba551
-
SHA512
73e37a5e4ec7fce7381dd1e507b53e0d8bae71f0b6ba62108d0e91ef64dd27970186f62cf6057ca28ee2c733c2a598f70c229438bde73f3f67e64721a3786551
-
SSDEEP
6144:uFssA3hLtW35xVAwkyXUQuDcettFHN8vGOKAOja36wnXXww8IHu24EwMq:u5AhtCBwyXUQKt0GOK83h4IO24EwM
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\00be26eba32ba0d47a39d7a608554f7c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\00be26eba32ba0d47a39d7a608554f7c_JaffaCakes118.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\loader_ldir_5064_29857\00be26eba32ba0d47a39d7a608554f7c_JaffaCakes118.exeC:\Users\Admin\AppData\Local\Temp\loader_ldir_5064_29857\00be26eba32ba0d47a39d7a608554f7c_JaffaCakes118.exe --wi=0 --import-settings=L --make-default=1 --attr=901406ch --rfr=901406 --ext_params=old_mr1lad=5e8c9494506913a8-0-0- --cp2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD500be26eba32ba0d47a39d7a608554f7c
SHA1abb025885383e4fc2bfa6916b99c9c8ec5adb470
SHA25600d4f868c638dac723c377f049f92b97620089a03c9438636403b5e0627ba551
SHA51273e37a5e4ec7fce7381dd1e507b53e0d8bae71f0b6ba62108d0e91ef64dd27970186f62cf6057ca28ee2c733c2a598f70c229438bde73f3f67e64721a3786551