Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
11-05-2024 11:54
Static task
static1
Behavioral task
behavioral1
Sample
3475a3091ff9da3b8f75ca984a5f3acb_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3475a3091ff9da3b8f75ca984a5f3acb_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
3475a3091ff9da3b8f75ca984a5f3acb_JaffaCakes118.exe
-
Size
29KB
-
MD5
3475a3091ff9da3b8f75ca984a5f3acb
-
SHA1
16f6a9a44043357701775e4c993eb5f7c692d601
-
SHA256
8c51907ae78f0ef8f3503165d2da098c22c59fcda553658ed227cb180a21d01f
-
SHA512
350038c047c83ad0283bf0c4c39ccacab265b8254292ec5df9697e377d3b7554bf20bd4650300360c804fe8d27a37ddd074a6e406781acff7134f6301a1d0eed
-
SSDEEP
768:Fvzlc/haT0rwKMu2Ht5EfUl+zMGZg79TAp49Q:llc/haTpKMu2EUl17FA3
Malware Config
Signatures
-
Obfuscated with Agile.Net obfuscator 1 IoCs
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Processes:
resource yara_rule behavioral1/memory/1136-2-0x0000000000360000-0x0000000000374000-memory.dmp agile_net
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1136-0-0x000007FEF53F3000-0x000007FEF53F4000-memory.dmpFilesize
4KB
-
memory/1136-1-0x00000000003C0000-0x00000000003C8000-memory.dmpFilesize
32KB
-
memory/1136-2-0x0000000000360000-0x0000000000374000-memory.dmpFilesize
80KB
-
memory/1136-3-0x000007FEF53F0000-0x000007FEF5DDC000-memory.dmpFilesize
9.9MB