Analysis

  • max time kernel
    138s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04-05-2024 11:02

General

  • Target

    126fff08a5955d42438875e98c23487e_JaffaCakes118.exe

  • Size

    4.6MB

  • MD5

    126fff08a5955d42438875e98c23487e

  • SHA1

    c358de8d49e52feb00342e2413b67448ec620ea5

  • SHA256

    5c8976657c81b6efedcccafafc4fa3a9ad53f2c72abde0e8256ee9c1de0cbdf2

  • SHA512

    32fdcd5d68dc367febd26a076f2db003f98fbf5248bac33b87904ec818e5bc43cad4904ce54307a652dcc5cce699ca854f539f8807520902ff5c865cbed0392e

  • SSDEEP

    98304:qwoiFIZ3et8abLGAQfBIqtO/ZIpBrfhuM/etsIcqC3qK:qwl/hPQfBIf6phZx/osJqCh

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL (1 IoC)

    The sample loads a DLL that it wrote to its own temporary directory during the run (InstallOptions.dll under nsp784E.tmp, listed in the Downloads section below).

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

Both behaviours are also routine for self-extracting installers. The report names no malware family and the Malware Config section is empty, so the 7/10 score rests on these generic heuristics rather than on a match against a known-bad sample; treat the hashes below as indicators for this file, not as family-level IOCs.

Processes

  • C:\Users\Admin\AppData\Local\Temp\126fff08a5955d42438875e98c23487e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\126fff08a5955d42438875e98c23487e_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:2104

Network

MITRE ATT&CK Enterprise v15

Downloads (files dropped during execution)

The directory nsp784E.tmp under the user's Temp folder was created by the sample at run time. InstallOptions.dll and ioSpecial.ini are the file names used by the NSIS installer framework's InstallOptions plugin, which is consistent with the sample being an NSIS-built installer; the report itself does not identify the packer, so verify this against the file's section names or signature before relying on it.

  • C:\Users\Admin\AppData\Local\Temp\nsp784E.tmp\InstallOptions.dll

    Filesize

    14KB

    MD5

    296a5f3179fa8d7a7a855eaf696ede44

    SHA1

    57aa5b71553ed282dd22c768e039a187f5c13f63

    SHA256

    ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960

    SHA512

    bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6

  • C:\Users\Admin\AppData\Local\Temp\nsp784E.tmp\ioSpecial.ini

    Filesize

    647B

    MD5

    76c83fb5b76482f52ad8bdc73ba0238e

    SHA1

    f0f2a3286b0c2fa0209f2cd026bd2e4659d5f075

    SHA256

    32eec882a16cad379a1b95426ff9defe1e79f558742ed35a9ce8582763fa0393

    SHA512

    ff8ab209151eec74acddf5c6b80d187cd3a8cca54785bcd386a1ddcc2657db23dd4ef72c7c627d489b59457179f175e33c024d76912f20a47bcd22408ef77dbc
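The "Loads dropped DLL" signature above is worth reproducing on an endpoint telemetry source so the same behaviour can be caught outside the sandbox. The block below is an added example, not part of the sandbox report or of any tool it was produced by: it walks Sysmon Event ID 7 (image load) records exported as JSON lines, flags any DLL loaded from under a user's Temp directory, notes when the path matches the NSIS plugin-directory layout (ns<hex>.tmp, a generalisation of the nsp784E.tmp path in this report and an assumption on my part), and enriches hits with the dropped-file hashes listed above. The event records are constructed for the example; field names follow Sysmon's schema, and the hash values are the ones from this report.

```python
"""Flag image-load events that match the 'Loads dropped DLL' behaviour.

Added example (not from the sandbox report). Input is Sysmon EID 7 as
JSON lines; the sample events below are constructed, the IOC hashes are
copied from the report's Downloads section.
"""
import json
import re
from typing import Iterable, List, Tuple

# Hashes of InstallOptions.dll as listed in the report (lower-cased for matching).
REPORT_IOCS = {
    "296a5f3179fa8d7a7a855eaf696ede44": "InstallOptions.dll (MD5)",
    "ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960": "InstallOptions.dll (SHA256)",
}

# Any DLL under a user's Temp directory is user-writable and therefore "dropped".
USER_TEMP_RE = re.compile(r"\\Users\\[^\\]+\\AppData\\Local\\Temp\\", re.IGNORECASE)
# Assumed NSIS plugin-directory layout (%TEMP%\ns<hex>.tmp\), generalised from nsp784E.tmp.
NSIS_TMP_RE = re.compile(r"\\AppData\\Local\\Temp\\ns[0-9a-z]+\.tmp\\", re.IGNORECASE)


def parse_sysmon_hashes(field: str) -> dict:
    """Turn Sysmon's 'MD5=...,SHA256=...' Hashes field into {ALGO: lowercase hex}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def classify(event: dict) -> List[str]:
    """Return the reasons an EID 7 event looks like a dropped-DLL load ([] if benign)."""
    if event.get("EventID") != 7:
        return []
    loaded = event.get("ImageLoaded", "")
    if not USER_TEMP_RE.search(loaded):
        return []  # DLL from System32/Program Files etc.: not a dropped DLL
    reasons = ["dll_loaded_from_user_temp"]
    if NSIS_TMP_RE.search(loaded):
        reasons.append("nsis_plugins_dir")
    for value in parse_sysmon_hashes(event.get("Hashes", "")).values():
        label = REPORT_IOCS.get(value)
        if label:
            reasons.append(f"hash_match:{label}")
    return reasons


def scan(lines: Iterable[str]) -> List[Tuple[int, str, List[str]]]:
    """Scan JSON-lines Sysmon events; return (ProcessId, ImageLoaded, reasons) per hit."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        reasons = classify(event)
        if reasons:
            hits.append((event.get("ProcessId"), event.get("ImageLoaded"), reasons))
    return hits


# Constructed sample telemetry: the report's process loading its dropped plugin DLL,
# the same process loading a system DLL, and an unrelated process-create event.
SAMPLE_EVENTS = [json.dumps(e) for e in [
    {"EventID": 7, "ProcessId": 2104,
     "Image": r"C:\Users\Admin\AppData\Local\Temp\126fff08a5955d42438875e98c23487e_JaffaCakes118.exe",
     "ImageLoaded": r"C:\Users\Admin\AppData\Local\Temp\nsp784E.tmp\InstallOptions.dll",
     "Hashes": "MD5=296A5F3179FA8D7A7A855EAF696EDE44,"
               "SHA256=EE0AD77E681C4D0FDF1D67DF5F4CA03E6BDD8E3B05DFB47A83AD5C733ED62960"},
    {"EventID": 7, "ProcessId": 2104,
     "Image": r"C:\Users\Admin\AppData\Local\Temp\126fff08a5955d42438875e98c23487e_JaffaCakes118.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Hashes": "MD5=00000000000000000000000000000000"},
    {"EventID": 1, "ProcessId": 2104,
     "Image": r"C:\Users\Admin\AppData\Local\Temp\126fff08a5955d42438875e98c23487e_JaffaCakes118.exe"},
]]


if __name__ == "__main__":
    for pid, dll, reasons in scan(SAMPLE_EVENTS):
        print(f"PID {pid} loaded {dll}: {', '.join(reasons)}")
```

The Temp-directory check alone will also fire on legitimate installers, exactly as the sandbox signature does; in practice the hash enrichment and the parent process (a browser or mail client spawning the installer) are what separate an investigation-worthy hit from noise.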