Overview

overview

7

Static

static

3

2e88616c21...18.exe

windows7-x64

7

2e88616c21...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-05-2024 09:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e88616c216630dbcae73cfb09995f33_JaffaCakes118.exe

  • Size

    283KB

  • MD5

    2e88616c216630dbcae73cfb09995f33

  • SHA1

    9b76cac14a0c6f34750dc9460b0d7040f4d87761

  • SHA256

    4de24e37d1f863b12af1d45239aaeef7f5c1a400df36e6c56b27750eb4f57291

  • SHA512

    68164a8ee4e7c67d5d9f54072b3de6ff0ee21ab3ad3ba0dc6ca4a58924e1c25a69c3e3d34577537bc8d5b8097d3188ccf61c826956299cb3fff14c3155427ca3

  • SSDEEP

    6144:/w6JOerGp2aPeiyx+/Hqyo3ia/keIJSkH364n8LQTj3Fv0B2fJLYI:/wurYPex+/2rXI5XxBj3GMfN

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e88616c216630dbcae73cfb09995f33_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2e88616c216630dbcae73cfb09995f33_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4568

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dfs3CAB.tmp
    Filesize

    496KB

    MD5

    93fde31f598bbfb7b0822648d4a83889

    SHA1

    9b7194bbdcee2ed5ee95769a79e44dcb1c848944

    SHA256

    2bcf933a8542f0df471a459e3a37408c1209fbe367bcd738e7d7a1700a36f983

    SHA512

    ee6ba0aafe8b2830ff5f8986be652f097f65632252abd55abefa4fd2e4269afdd62387ea5faff110da77463418b2e4406d5a3dc1ac7c884b7f676bff4b4e07cf

    Download Submit

  • memory/4568-10-0x0000000005500000-0x0000000005592000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4568-2-0x0000000000BC0000-0x0000000000BC3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/4568-13-0x0000000074CB0000-0x0000000075460000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4568-14-0x0000000074CB0000-0x0000000075460000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4568-8-0x00000000029E0000-0x00000000029EA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4568-9-0x0000000005BD0000-0x0000000006174000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4568-11-0x0000000074CB0000-0x0000000075460000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4568-1-0x0000000000040000-0x00000000000FA000-memory.dmp

    Filesize

    744KB

    Download

  • memory/4568-29-0x0000000074CB0000-0x0000000075460000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4568-3-0x0000000074CBE000-0x0000000074CBF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4568-7-0x0000000004FB0000-0x0000000005032000-memory.dmp

    Filesize

    520KB

    Download

  • memory/4568-15-0x0000000008980000-0x00000000089E6000-memory.dmp

    Filesize

    408KB

    Download

  • memory/4568-16-0x0000000074CB0000-0x0000000075460000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4568-25-0x000000000AD90000-0x000000000B536000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/4568-26-0x0000000000040000-0x00000000000FA000-memory.dmp

    Filesize

    744KB

    Download

  • memory/4568-27-0x0000000000BC0000-0x0000000000BC3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/4568-28-0x0000000074CBE000-0x0000000074CBF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4568-12-0x00000000055B0000-0x00000000055BA000-memory.dmp

    Filesize

    40KB

    Download