051d2597ad55e1005ca3769b4350b2db647efe0250ba84e77859f76641f39743

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 22:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

68d9206575acf8b7cf96808aba29c1c0_JaffaCakes118.exe
Size

2.0MB
MD5

68d9206575acf8b7cf96808aba29c1c0
SHA1

199c7c0f23ee01ed560f4b6ca253cee971517861
SHA256

051d2597ad55e1005ca3769b4350b2db647efe0250ba84e77859f76641f39743
SHA512

94f01dc790a2ea867649275d4a528a0fb8a9fa87bd4cabf0abc3a0f212b1e19b59894d4f052b1aa5ae46e49933539c0cb32e9e27f6aa0864bae3e46877c51f0d
SSDEEP

6144:KTfZMMLwbdUoJ5lgf3P5ISlihgDcuRmVcqnAnGhxqfUH:KTf6ML2U9/1liQcuR3qnsmAUH

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Drops file in Windows directory 1 IoCs

Processes:

68d9206575acf8b7cf96808aba29c1c0_JaffaCakes118.exe

description ioc process

File created C:\Windows\Tasks\Bidaily Synchronize Task[pr].job 68d9206575acf8b7cf96808aba29c1c0_JaffaCakes118.exe

description	ioc	process
File created	C:\Windows\Tasks\Bidaily Synchronize Task[pr].job	68d9206575acf8b7cf96808aba29c1c0_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\68d9206575acf8b7cf96808aba29c1c0_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\68d9206575acf8b7cf96808aba29c1c0_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:2220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2220-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2220-3-0x0000000000090000-0x0000000000091000-memory.dmp

Filesize
4KB

Download
memory/2220-4-0x0000000000150000-0x0000000000151000-memory.dmp

Filesize
4KB

Download
memory/2220-2-0x0000000000080000-0x0000000000081000-memory.dmp

Filesize
4KB

Download
memory/2220-1-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/2220-6-0x0000000000170000-0x0000000000171000-memory.dmp

Filesize
4KB

Download
memory/2220-5-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/2220-12-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/2220-11-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/2220-10-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/2220-9-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2220-8-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/2220-7-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/2220-15-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/2220-18-0x00000000006B0000-0x00000000006B1000-memory.dmp

Filesize
4KB

Download
memory/2220-17-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download
memory/2220-16-0x00000000002B0000-0x00000000002B1000-memory.dmp

Filesize
4KB

Download
memory/2220-14-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/2220-13-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/2220-19-0x00000000006C0000-0x00000000006C1000-memory.dmp

Filesize
4KB

Download
memory/2220-21-0x0000000000710000-0x0000000000711000-memory.dmp

Filesize
4KB

Download
memory/2220-20-0x00000000006D0000-0x00000000006D1000-memory.dmp

Filesize
4KB

Download
memory/2220-22-0x00000000006E0000-0x000000000070F000-memory.dmp

Filesize
188KB

Download
memory/2220-31-0x0000000000770000-0x0000000000771000-memory.dmp

Filesize
4KB

Download
memory/2220-32-0x0000000000780000-0x0000000000781000-memory.dmp

Filesize
4KB

Download
memory/2220-30-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/2220-29-0x0000000000750000-0x0000000000751000-memory.dmp

Filesize
4KB

Download
memory/2220-28-0x0000000000740000-0x0000000000741000-memory.dmp

Filesize
4KB

Download
memory/2220-27-0x0000000000730000-0x0000000000731000-memory.dmp

Filesize
4KB

Download
memory/2220-26-0x0000000000720000-0x0000000000721000-memory.dmp

Filesize
4KB

Download
memory/2220-37-0x0000000000C10000-0x0000000000C11000-memory.dmp

Filesize
4KB

Download