51be25e5c754614603992540797d953736c4ac163818db5de69734fabb2f8f82

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
08-05-2024 20:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

26aa9b7bf926ffa61dd823895ce0a868_JaffaCakes118.exe
Size

766KB
MD5

26aa9b7bf926ffa61dd823895ce0a868
SHA1

f7ae1863e31a855feb8956b3c113afb8a1992e47
SHA256

51be25e5c754614603992540797d953736c4ac163818db5de69734fabb2f8f82
SHA512

08cf1deef378097a14a94b5fdd1186865cf18c62f010ddf4bfd714faf869232385cc8cf9682328fae2752bd5690034e4239c2fb8878defce53c7d4918f2f5050
SSDEEP

12288:b58WhWmNEYOyd4Sau/yaqDzjnOeX6nKAZgDpaSO3nMJibf41y99zzSl+XoEzz1wt:b5dxN/4k/yGrB9zztzzK

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2420	26aa9b7bf926ffa61dd823895ce0a868_JaffaCakes118.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2420	26aa9b7bf926ffa61dd823895ce0a868_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2420	26aa9b7bf926ffa61dd823895ce0a868_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\26aa9b7bf926ffa61dd823895ce0a868_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\26aa9b7bf926ffa61dd823895ce0a868_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\4acacee3-cefe-4dab-b6f1-01f9a63ec79a\e.dll

Filesize
94KB

MD5
14ff402962ad21b78ae0b4c43cd1f194

SHA1
f8a510eb26666e875a5bdd1cadad40602763ad72

SHA256
fb9646cb956945bdc503e69645f6b5316d3826b780d3c36738d6b944e884d15b

SHA512
daa7a08bf3709119a944bce28f6ebdd24e54a22b18cd9f86a87873e958df121a3881dcdd5e162f6b4e543238c7aef20f657c9830df01d4c79290f7c9a4fcc54b

Download Submit
memory/2420-50-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-44-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-42-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-1-0x0000000000D90000-0x0000000000E56000-memory.dmp

Filesize
792KB

Download
memory/2420-12-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-22-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-34-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-46-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-54-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-64-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-72-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-70-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-48-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-66-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-62-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-60-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-58-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-56-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-52-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-0-0x00000000742EE000-0x00000000742EF000-memory.dmp

Filesize
4KB

Download
memory/2420-68-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-2-0x0000000000410000-0x000000000043C000-memory.dmp

Filesize
176KB

Download
memory/2420-3-0x00000000742E0000-0x00000000749CE000-memory.dmp

Filesize
6.9MB

Download
memory/2420-40-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-38-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-36-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-32-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-30-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-28-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-26-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-24-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-20-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-18-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-16-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-14-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-11-0x0000000000410000-0x0000000000435000-memory.dmp

Filesize
148KB

Download
memory/2420-10-0x000000006F170000-0x000000006F1F0000-memory.dmp

Filesize
512KB

Download
memory/2420-191-0x00000000742EE000-0x00000000742EF000-memory.dmp

Filesize
4KB

Download
memory/2420-192-0x00000000742E0000-0x00000000749CE000-memory.dmp

Filesize
6.9MB

Download
memory/2420-193-0x0000000000520000-0x000000000052C000-memory.dmp

Filesize
48KB

Download
memory/2420-194-0x00000000742E0000-0x00000000749CE000-memory.dmp

Filesize
6.9MB

Download
memory/2420-195-0x00000000742E0000-0x00000000749CE000-memory.dmp

Filesize
6.9MB

Download