Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
22-05-2024 03:21
General
-
Target
65d5ae4acda27c4bb47a179425030a3f_JaffaCakes118.exe
-
Size
3.2MB
-
MD5
65d5ae4acda27c4bb47a179425030a3f
-
SHA1
6f504fbfc5c4740f8cf8dd77253f02e6db20d13e
-
SHA256
49286301a9d38f27194d169a7da5d3a6bb351073f0df2f56f9545434a70842e2
-
SHA512
a1895bfae4159756cb2b89e3ee67cee59574c1563c3ae1b0c8713e857c8f711c0f2633bc58dc8de7133ed7238b947837d2ea42b61ac6798e86971493d0fe3827
-
SSDEEP
98304:G2cPK8r/gia3xXjaBhbA2kBpxg0H6Qla:pCKywXjsAJgu6Z
Score
1/10
Malware Config
Signatures
-
NTFS ADS 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of FindShellTrayWindow 10 IoCs
-
Suspicious use of SendNotifyMessage 10 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\65d5ae4acda27c4bb47a179425030a3f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\65d5ae4acda27c4bb47a179425030a3f_JaffaCakes118.exe"1⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\ZHP\ZHPcleaner\ZHPCFileTransGui.jpgFilesize
12KB
MD532430de585a98f480347e8f7b69b7bfa
SHA1618cff46168d717dc3b8a1bb7564951186268840
SHA256f651b3a8956e95a932c174c32fcb82ec19fa12b9a5a989aa0c40df5713a24acf
SHA5128a81e0170d9bba995e37dec2b5589c02fef184d552175bf7312f98b3284e7b938e7efaa2257b3d4246a250f67a7bb7d605f9a60af77f21d859336b5ce391a8f4
