Analysis
max time kernel
143s
max time network
148s
platform
windows7_x64
resource
win7-20240419-en
resource tags
arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
submitted
28-04-2024 22:21
Static task
static1
Behavioral task
behavioral1
Sample
06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
Resource
win7-20240419-en
General
Target
06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
Size
2.6MB
MD5
06332c76bab3c4b5b15158f41f92b3b8
SHA1
8d837c4126ee98e94c5664d4f17bfe69389da8a5
SHA256
85f7a009f0f9e0d9bf057edc24bf584eb08349cec1818588d3a61106dbd2ab99
SHA512
846451df9130c85168e4e0d057a92b74bd025e77536734ce828d1a3ee6d68b3f488ea2c318eccb32a917d47b5157d155e229ea8a238bf495017a59f545614a0f
SSDEEP
49152:Pmxak0hQbAzDlk5G/xYmBvclEJZPIZwjnHTow5OiW8CtQw8j+DdT9jOotbgJSr3n:+k5GbA9hv8EJdboH3mml6iqN
Malware Config
Signatures
Loads dropped DLL 1 IoCs
Processes:
pid process
1740 06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious behavior: EnumeratesProcesses 4 IoCs
Processes:
pid process
1740 06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
1740 06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
1740 06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
1740 06332c76bab3c4b5b15158f41f92b3b8_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
\Users\Admin\AppData\Local\Temp\cd.dll
Filesize
692KB
MD5
8b9e960ba4971deedbc8f141ea20e58c
SHA1
194307d3493b723dde50ee65a069bf702353b3dd
SHA256
fb637cf304db7a39a7474cf222789fc9560a69334ec1871accfb476790975e4e
SHA512
9b2fafffb40db5fdef41fe77c3b9424ae8d54c2258a526b7abd013d4058388a41397ceb7d5621e60991771908385b6b9228a31a7369c60a17e48e234685e4ada