Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    21-05-2024 20:51

General

  • Target

    64b9cd2f4ee98c2fab81112600647048_JaffaCakes118.exe

  • Size

    210KB

  • MD5

    64b9cd2f4ee98c2fab81112600647048

  • SHA1

    aaad8d36aee3e9f5065a31b6c4be090ec2ba1fc7

  • SHA256

    13e4e793da73b5c9e1b98cb6bfb91742dcdf388cee49445deb98142d5ed94b79

  • SHA512

    d2d10c6229a7285d9100b13f6c6c6012987d8f466ff2588e805758a5abba6f52489414a6e8551b3c233610a60f957b19be6ab0e90a46e6909d0fca19f35bb233

  • SSDEEP

    3072:1PRgtvIjkYvBJFlyUj9oGjtOM+IcpwOH+J9cFmgOJtGTka0wp4+e19uEHmciZ:1PTR7LJjD+IcpE588+e19uEGciZ

Score
6/10

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\64b9cd2f4ee98c2fab81112600647048_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\64b9cd2f4ee98c2fab81112600647048_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    PID:1728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1728-2-0x0000000000940000-0x0000000000980000-memory.dmp

    Filesize

    256KB

  • memory/1728-1-0x0000000000940000-0x0000000000980000-memory.dmp

    Filesize

    256KB

  • memory/1728-0-0x0000000000690000-0x00000000006D0000-memory.dmp

    Filesize

    256KB

  • memory/1728-4-0x0000000000C70000-0x0000000000CB0000-memory.dmp

    Filesize

    256KB

  • memory/1728-5-0x0000000000140000-0x000000000016F000-memory.dmp

    Filesize

    188KB