9dfbb71447a04ca936ba48f367cfaed2892a3356b0115fd875e09f3612be3d61

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 20:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe
Size

475KB
MD5

689a7398526538d3061b4fde34c80afb
SHA1

3d673d297dee4e676fa8276a636aedaaba78c3e7
SHA256

9dfbb71447a04ca936ba48f367cfaed2892a3356b0115fd875e09f3612be3d61
SHA512

d2895ad516f971628140edadd8d4ff77babb709c5f77af871c266337c64e3e1954c2e8ec3bc7db185a0ff92ce1b083c050242a4ca9d9fc509768c30255039356
SSDEEP

6144:y8M5ajo6AhhgYKdDYDAUz1OhGKzzqZ3SFxw6AGWb1C3sr+sGGzAes7oWsPQcB1R7:y/5oo1HgDYsUzwAOz6SXC1r+lqRJ

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

Processes:

689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\689a7398526538d3061b4fde34c80afb_JaffaCakes118.lnk	689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

Loads dropped DLL 1 IoCs

Processes:

689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

pid process

108 689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

pid	process
108	689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe"
1⤵
- Drops startup file
- Loads dropped DLL
PID:108

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\ProgramData\{51a2cb7c-ab3c-ab44-51a2-2cb7cab32df2}\689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

Filesize
475KB

MD5
689a7398526538d3061b4fde34c80afb

SHA1
3d673d297dee4e676fa8276a636aedaaba78c3e7

SHA256
9dfbb71447a04ca936ba48f367cfaed2892a3356b0115fd875e09f3612be3d61

SHA512
d2895ad516f971628140edadd8d4ff77babb709c5f77af871c266337c64e3e1954c2e8ec3bc7db185a0ff92ce1b083c050242a4ca9d9fc509768c30255039356

Download Submit
memory/108-15-0x0000000000700000-0x0000000000701000-memory.dmp

Filesize
4KB

Download
memory/108-27-0x00000000006B0000-0x00000000006B1000-memory.dmp

Filesize
4KB

Download
memory/108-14-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/108-28-0x00000000006C0000-0x00000000006C1000-memory.dmp

Filesize
4KB

Download
memory/108-13-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/108-26-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download
memory/108-25-0x0000000000690000-0x0000000000691000-memory.dmp

Filesize
4KB

Download
memory/108-24-0x0000000000820000-0x0000000000821000-memory.dmp

Filesize
4KB

Download
memory/108-23-0x0000000000840000-0x0000000000841000-memory.dmp

Filesize
4KB

Download
memory/108-22-0x0000000000830000-0x0000000000831000-memory.dmp

Filesize
4KB

Download
memory/108-18-0x00000000006D0000-0x00000000006F6000-memory.dmp

Filesize
152KB

Download
memory/108-11-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/108-16-0x0000000000220000-0x0000000000222000-memory.dmp

Filesize
8KB

Download
memory/108-1-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/108-12-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/108-2-0x0000000000190000-0x0000000000191000-memory.dmp

Filesize
4KB

Download
memory/108-17-0x0000000000810000-0x0000000000811000-memory.dmp

Filesize
4KB

Download
memory/108-10-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/108-9-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/108-8-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/108-7-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/108-6-0x0000000000210000-0x0000000000211000-memory.dmp

Filesize
4KB

Download
memory/108-5-0x0000000000200000-0x0000000000201000-memory.dmp

Filesize
4KB

Download
memory/108-4-0x00000000001F0000-0x00000000001F1000-memory.dmp

Filesize
4KB

Download
memory/108-3-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/108-30-0x0000000000860000-0x0000000000861000-memory.dmp

Filesize
4KB

Download
memory/108-29-0x0000000000850000-0x0000000000851000-memory.dmp

Filesize
4KB

Download
memory/108-34-0x0000000000870000-0x0000000000871000-memory.dmp

Filesize
4KB

Download
memory/108-0-0x0000000000020000-0x0000000000022000-memory.dmp

Filesize
8KB

Download