Analysis
-
max time kernel
150s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
27-04-2024 05:08
Static task
static1
Behavioral task
behavioral1
Sample
027e42c67b568259de4ea2fb0b592e46_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
027e42c67b568259de4ea2fb0b592e46_JaffaCakes118.exe
Resource
win10v2004-20240419-en
General
-
Target
027e42c67b568259de4ea2fb0b592e46_JaffaCakes118.exe
-
Size
9.1MB
-
MD5
027e42c67b568259de4ea2fb0b592e46
-
SHA1
8779f9eca40d1e28cc199a89db618eaa884269a2
-
SHA256
a1763e6964ec181e13c036b9305a713225204a3248847780de3f3f5394965cdf
-
SHA512
27f25c5b583fee06e0405f42bc97b52b096bd303feeedf74b587e8f19379920f3ca6a4484d1ff4c9822071db726c970514c6a92c1531507de6d13608fca0ba01
-
SSDEEP
98304:VvDllOHgOzPOiNaWzMcOe8gPom9BTEGsg2z3EPom9BTEGsg2z35:VvDllObzPa4R3/TEXzQ3/TEXz
Malware Config
Signatures
-
Drops file in System32 directory 64 IoCs
Drops file in Windows directory 64 IoCs
Downloads
-
Filesize
9.2MB
MD5
28b09a17d686d5e798928a9bacba766e
SHA1
ac5b2eee4809e2c089a937a9409bf29328340c33
SHA256
93bb69526a3eecda3a2db00fd7022c3d2741f27ca48a8708fa46096a57d6d941
SHA512
b12007f91a44cc994c72c9d4836977c00cddbd3183d1c01eebd7df25799e3fb2a5cacd80c917131d672f818fad021e93f0f137167190d6d1f0c3662137d0651f