Analysis
-
max time kernel
140s -
max time network
161s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
18-05-2024 18:50
General
-
Target
5645a5321164781b0650e774d59b9e29_JaffaCakes118.exe
-
Size
858KB
-
MD5
5645a5321164781b0650e774d59b9e29
-
SHA1
10975227ea187031eb8249cfe720192483252f5f
-
SHA256
7c059cc6f0344e6f066dac8db17c6d1e2202448c865cc98d9046e50314e5d0b9
-
SHA512
80d490e8c4c263803121836a9b220a9d3bed5d4ee9c50a2002283a2d13afdb2f4ae1bb19cef97d74354c1c72f882f014b4101e6a20807f034b7f0fba17a58321
-
SSDEEP
12288:T0OZhtesZ5Z3c7DEgfD9wer+GLFlIK/BwlTpH900Frt6k+eE5crJ+:T/ttZ3c7DEgfDGer+GLwlTpuEscd+
Score
10/10
Malware Config
Extracted
Family
azorult
C2
http://195.206.106.166/index.php
Signatures
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5645a5321164781b0650e774d59b9e29_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\5645a5321164781b0650e774d59b9e29_JaffaCakes118.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1040 --field-trial-handle=2280,i,4114443225282860369,4764091921472631035,262144 --variations-seed-version /prefetch:81⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
-
Filesize
876KB
-
Filesize
876KB
-
Filesize
876KB
-
Filesize
876KB