Overview

overview

5

Static

static

5

108b82e5cf...18.exe

windows7-x64

3

108b82e5cf...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/05/2024, 12:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    108b82e5cfbdb2510f91dfa87dd68feb_JaffaCakes118.exe

  • Size

    2.2MB

  • MD5

    108b82e5cfbdb2510f91dfa87dd68feb

  • SHA1

    6ca41dbc59603f9946524d5a4e2c9414f54ca098

  • SHA256

    af0bff1a94ccb9fedfdfec2315fc8ddda03d0b9e0356e1413069686b0c02366a

  • SHA512

    ea44a4875a8a38f1b19999e585dc7c4d991b1d1956d7e1f03204880cab588acdfc2b3cc7c39e5434fcc04ad12d80899dc66491b72fdf9bed67c53069d59e7735

  • SSDEEP

    49152:xJZoQrbTFZY1ialMd8g6l1r2bewyuOyz/6fE4R6c:xtrbTA11abhUyzyfE44c

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\108b82e5cfbdb2510f91dfa87dd68feb_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\108b82e5cfbdb2510f91dfa87dd68feb_JaffaCakes118.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:5064

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads