Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
05-05-2024 07:51
General
-
Target
16b0a9a19bf199120703fbb68ea504c6_JaffaCakes118.exe
-
Size
224KB
-
MD5
16b0a9a19bf199120703fbb68ea504c6
-
SHA1
f3fd14eec5fe4a27f52d4e808fe8fdd97c6c66a6
-
SHA256
b04af14c12ba34b9ae4c22022016d3f149e0a447066c27c71f6dad21a77eb93f
-
SHA512
be2f1c44acd5d530358fae16e95d752b9ff779b0df36c8e286194f8353fd80474f1c71e4a1fa6034d0a0d91ba11714633e263ae010717cbde2ac4e261a79960b
-
SSDEEP
3072:QM9jG0zeb+Bd7ljqaULpJKV/WxlX8sh+li7pBNi2VYCT8NbHyf+AViaO4V:QgzQ+D7ljXma/WxSTi7rT8xHY64V
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious behavior: RenamesItself 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\16b0a9a19bf199120703fbb68ea504c6_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\16b0a9a19bf199120703fbb68ea504c6_JaffaCakes118.exe"1⤵
- Suspicious behavior: RenamesItself
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\labelsgoto.exe"C:\Users\Admin\AppData\Local\Temp\labelsgoto.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
224KB
MD516b0a9a19bf199120703fbb68ea504c6
SHA1f3fd14eec5fe4a27f52d4e808fe8fdd97c6c66a6
SHA256b04af14c12ba34b9ae4c22022016d3f149e0a447066c27c71f6dad21a77eb93f
SHA512be2f1c44acd5d530358fae16e95d752b9ff779b0df36c8e286194f8353fd80474f1c71e4a1fa6034d0a0d91ba11714633e263ae010717cbde2ac4e261a79960b
-
Filesize
296KB