Analysis

  • max time kernel
    144s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    19-05-2024 20:51

General

  • Target

    5b6885ebd83a7ac6d4e9ded6017d7032_JaffaCakes118.doc

  • Size

    34KB

  • MD5

    5b6885ebd83a7ac6d4e9ded6017d7032

  • SHA1

    e655f2f8ee392fae26292ce6d3dc8066acdb7906

  • SHA256

    30a49eeed2dfab51b07cf23e948a33c6c2b51fd27c4b2aef506ea16a200ec7bd

  • SHA512

    6030f2d26baeeaaa925ec5426090889e00f475904ba4baf996a0908dc5c61fdb0422887c84a36fe3d328bc8b2fe98625c5335516504eb19b461d6b00ec40fb5f

  • SSDEEP

    384:zA4dzY0WpSbuj/LdPvenCpeJzKoSS3DyJe8oYGBhPEI8368osCg3Tp:ddzY0WcqjjVenFFRDM4YG/hiSsv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\5b6885ebd83a7ac6d4e9ded6017d7032_JaffaCakes118.doc"
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1688

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1688-0-0x000000002F3F1000-0x000000002F3F2000-memory.dmp

    Filesize

    4KB

  • memory/1688-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

  • memory/1688-2-0x00000000715CD000-0x00000000715D8000-memory.dmp

    Filesize

    44KB

  • memory/1688-5-0x00000000715CD000-0x00000000715D8000-memory.dmp

    Filesize

    44KB