e03aac26896597ff4ad379dbc8efb9c512c74ad506d9d7b4971fd3d15e47d331 | Triage

Analysis

max time kernel
55s
max time network
55s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
28-04-2024 12:35

Sharing

Report Analysis Logs

General

Target

0533fe8004c74eba34f8276b403b1099_JaffaCakes118.exe
Size

176KB
MD5

0533fe8004c74eba34f8276b403b1099
SHA1

a238f5fe4f01d30cfeeea0e4388b5c5a861c1263
SHA256

e03aac26896597ff4ad379dbc8efb9c512c74ad506d9d7b4971fd3d15e47d331
SHA512

3599fd9f8800098bdac353286456cd75514c412924d68290c42f8e55e9c360a061464c372993498d54ffedc42fdf5d1a30e90523e8ce52e8dcfc11068c6c8a96
SSDEEP

3072:dQIURTXJ4jC4MJBi3FFYBDetjEw1kCNc4/Ajdf2MoirZjrZfqBw9QI/QalFPNmkS:dsR4MK3k4tjEwGQHafxxZfCw9QBa7NDa

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\0533fe8004c74eba34f8276b403b1099_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\0533fe8004c74eba34f8276b403b1099_JaffaCakes118.exe"
1⤵
PID:4988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4988-0-0x0000000000400000-0x0000000000452000-memory.dmp

Filesize
328KB

Download
memory/4988-1-0x0000000000400000-0x0000000000452000-memory.dmp

Filesize
328KB

Download