e6d438931503bcb48179642acf9362b104dd85d0dfad10687e4f804059b6a37d

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29-04-2024 08:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

073e23be0dfed9200aab30d52ce8b99d_JaffaCakes118.exe
Size

308KB
MD5

073e23be0dfed9200aab30d52ce8b99d
SHA1

895b33d903590f5b27a28e0c2f1eb4e4c78b1b3b
SHA256

e6d438931503bcb48179642acf9362b104dd85d0dfad10687e4f804059b6a37d
SHA512

c2edb1bce2bdf7bdd174ba66a08dc136318d9786250010ddf15c54c8a07babbaa666d64da3a23ee3fcf65a8af2a4ead6ea8de3665baab8fdb3e343e0fa8b1b5b
SSDEEP

6144:cI6ORJRKkT/qDlEy0o8/BmV1dInjq6K7hnyVR0G8xP1gnv5h:TJEUI1dIW6CywP2v5h

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\NeonGlow.job	073e23be0dfed9200aab30d52ce8b99d_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\073e23be0dfed9200aab30d52ce8b99d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\073e23be0dfed9200aab30d52ce8b99d_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:2056

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2056-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2056-1-0x0000000000030000-0x0000000000032000-memory.dmp

Filesize
8KB

Download
memory/2056-2-0x00000000000C0000-0x00000000000C1000-memory.dmp

Filesize
4KB

Download
memory/2056-3-0x00000000000D0000-0x00000000000D1000-memory.dmp

Filesize
4KB

Download
memory/2056-4-0x0000000000190000-0x00000000001C1000-memory.dmp

Filesize
196KB

Download
memory/2056-5-0x00000000000E0000-0x00000000000E1000-memory.dmp

Filesize
4KB

Download
memory/2056-6-0x0000000000390000-0x00000000003BF000-memory.dmp

Filesize
188KB

Download
memory/2056-10-0x0000000000190000-0x00000000001C1000-memory.dmp

Filesize
196KB

Download
memory/2056-18-0x0000000000190000-0x00000000001C1000-memory.dmp

Filesize
196KB

Download