24baa9daf9de9cae7b78bf437acc69d0ef40cf3683187b04363d3c4da8887cf8

Analysis

max time kernel
141s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16/05/2024, 10:47

Target

4ab25954b04b29f7eff05d5f591ece7d_JaffaCakes118.exe
Size

364KB
MD5

4ab25954b04b29f7eff05d5f591ece7d
SHA1

e532ee56f1f6784d510c77c37b8a78816b5eb212
SHA256

24baa9daf9de9cae7b78bf437acc69d0ef40cf3683187b04363d3c4da8887cf8
SHA512

42dd30359434719ee3270571b9204413620076d9eab8fba414208a415227c3bf04f40d2a732d29c6c17f7090cd6e782f28d77fdae41ad73474d8dcca2edae91f
SSDEEP

6144:wLdfmIQ5cCnUQfrDD6dPvw2ONKp/gSDGEIZdlQmafsQQkwb8mEYo5:ufVgcCnPrv6t7YSDGEKlQmafsQQAmo5

Score

7^/10

Loads dropped DLL 2 IoCs

pid	Process
2148	4ab25954b04b29f7eff05d5f591ece7d_JaffaCakes118.exe
2148	4ab25954b04b29f7eff05d5f591ece7d_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2148	4ab25954b04b29f7eff05d5f591ece7d_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2148	4ab25954b04b29f7eff05d5f591ece7d_JaffaCakes118.exe
2148	4ab25954b04b29f7eff05d5f591ece7d_JaffaCakes118.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3468,i,6166776566165096562,4582328833313060853,262144 --variations-seed-version --mojo-platform-channel-handle=4204 /prefetch:8
1⤵
PID:3856

C:\Users\Admin\AppData\Local\Temp\weeDC18.tmp

Filesize
259KB

MD5
b306ab9b08461997d0773b10327d1da4

SHA1
4033c7e085673cbe594d0e27b1c7bba133288f63

SHA256
1790962276c256c6ab98b1739a6bf730d82d9129709e75100782b8819a086749

SHA512
cead354d277ea86729ed9913cdc74a873bc8776cd8cc0dad20781a5aba86c30230d453127e8aaa2c99f48ceab71a8541dffa32b110de65b6199d1c2be3fbffba

Download Submit
memory/2148-7-0x0000000007BA0000-0x0000000007BAA000-memory.dmp

Filesize
40KB

Download
memory/2148-3-0x0000000005890000-0x00000000058D6000-memory.dmp

Filesize
280KB

Download
memory/2148-4-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download
memory/2148-5-0x00000000080F0000-0x0000000008694000-memory.dmp

Filesize
5.6MB

Download
memory/2148-6-0x0000000007BE0000-0x0000000007C72000-memory.dmp

Filesize
584KB

Download
memory/2148-0-0x00000000743CE000-0x00000000743CF000-memory.dmp

Filesize
4KB

Download
memory/2148-8-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download
memory/2148-9-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download
memory/2148-10-0x000000000AE80000-0x000000000AEE6000-memory.dmp

Filesize
408KB

Download
memory/2148-11-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download
memory/2148-20-0x00000000743CE000-0x00000000743CF000-memory.dmp

Filesize
4KB

Download
memory/2148-21-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download