Analysis
-
max time kernel
67s -
max time network
50s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
30/04/2024, 02:39
General
-
Target
08d75ae7c0782c6d8b112e1ac08efaa1_JaffaCakes118.exe
-
Size
384KB
-
MD5
08d75ae7c0782c6d8b112e1ac08efaa1
-
SHA1
50a1f351c4e7416acaf06cc84e91414cb497c15e
-
SHA256
c94eb89663c99f801375f5065641e2c7c7991c090035ec11464db97ee15d9ac6
-
SHA512
65efda107650a739bb90153371a35ea9210a01955321993d8bd4b48cf33d30efffb8b4356beac5e6968a695d57355c722a17c4df4327fe696eb609061a2b329f
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hH/8NHzMalsoEv7V1CnCKjR671ckAkZ:Zm48gODxbzpMTBf27V1mjRI1c5kZ
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\08d75ae7c0782c6d8b112e1ac08efaa1_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\08d75ae7c0782c6d8b112e1ac08efaa1_JaffaCakes118.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\4249.tmp"C:\Users\Admin\AppData\Local\Temp\4249.tmp" --pingC:\Users\Admin\AppData\Local\Temp\08d75ae7c0782c6d8b112e1ac08efaa1_JaffaCakes118.exe FE91460116ECCE2CEFBB46CAEE0AF780CF84BC5B2E7F224F77AFAE4039501B4D9F5EFA73F33CA2E9D06B9321E9D5A3902B4730E017055301495D1257CB688ED72⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5078c8e804af9fca9c5a26e31d2c21113
SHA18e14b7775cfea1a653b67b935836a10af5607b79
SHA25606f9a1e5d9245e0861d36496b436111e41964b48b9ad228022dcc552cd040104
SHA51265de0ad6d34d70e651eee115bbfe022ceef6f5977876ca95299394eed85a24b9951e3e2bc57dc15f8fc01d2ac8b3bd2a9eafc08768e0ac1416a05c9ea6961148