Overview

overview

1

Static

static

1

159a00d1c7...18.exe

windows7-x64

1

159a00d1c7...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-05-2024 02:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    159a00d1c766bb45f67dddb377bf30a3_JaffaCakes118.exe

  • Size

    345KB

  • MD5

    159a00d1c766bb45f67dddb377bf30a3

  • SHA1

    1f758e8a22f478c805b978b0f59ebbae416df2d5

  • SHA256

    15e85feca68eeff62a8a4d1f7d46d5f26d0a77d55f466d8534ff1b8c487964ae

  • SHA512

    ec05fd6b8e82823e4e9202acf93587433b7fa76ed5d41b6f78c0f2bc104d0861db696a12aaf9d7f8625dc9aba3e87503e03c3c7e06ce89b84ec0fafe7e5b8818

  • SSDEEP

    6144:EujgdRI/91IkY5G68DYo1HI4Sdj696ToC9tVDVWQ7YeTBZO0RQBd0:EBdRIFAGlDY2SkKr7YeTzBj

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\159a00d1c766bb45f67dddb377bf30a3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\159a00d1c766bb45f67dddb377bf30a3_JaffaCakes118.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads