9dfbb71447a04ca936ba48f367cfaed2892a3356b0115fd875e09f3612be3d61

Analysis

max time kernel
112s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 20:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe
Size

475KB
MD5

689a7398526538d3061b4fde34c80afb
SHA1

3d673d297dee4e676fa8276a636aedaaba78c3e7
SHA256

9dfbb71447a04ca936ba48f367cfaed2892a3356b0115fd875e09f3612be3d61
SHA512

d2895ad516f971628140edadd8d4ff77babb709c5f77af871c266337c64e3e1954c2e8ec3bc7db185a0ff92ce1b083c050242a4ca9d9fc509768c30255039356
SSDEEP

6144:y8M5ajo6AhhgYKdDYDAUz1OhGKzzqZ3SFxw6AGWb1C3sr+sGGzAes7oWsPQcB1R7:y/5oo1HgDYsUzwAOz6SXC1r+lqRJ

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

Processes:

689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

description	ioc	process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\689a7398526538d3061b4fde34c80afb_JaffaCakes118.lnk	689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\689a7398526538d3061b4fde34c80afb_JaffaCakes118.exe"
1⤵
- Drops startup file
PID:2952

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1340 --field-trial-handle=2244,i,11878111470816612087,2265290141962607370,262144 --variations-seed-version /prefetch:8
1⤵
PID:3192

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2952-0-0x0000000000B40000-0x0000000000B42000-memory.dmp

Filesize
8KB

Download
memory/2952-1-0x0000000000B50000-0x0000000000B51000-memory.dmp

Filesize
4KB

Download
memory/2952-2-0x0000000001B90000-0x0000000001B91000-memory.dmp

Filesize
4KB

Download
memory/2952-5-0x0000000001BD0000-0x0000000001BD1000-memory.dmp

Filesize
4KB

Download
memory/2952-13-0x0000000001CA0000-0x0000000001CA1000-memory.dmp

Filesize
4KB

Download
memory/2952-14-0x0000000001CB0000-0x0000000001CB1000-memory.dmp

Filesize
4KB

Download
memory/2952-12-0x0000000001C90000-0x0000000001C91000-memory.dmp

Filesize
4KB

Download
memory/2952-11-0x0000000001C80000-0x0000000001C81000-memory.dmp

Filesize
4KB

Download
memory/2952-10-0x0000000001C70000-0x0000000001C71000-memory.dmp

Filesize
4KB

Download
memory/2952-9-0x0000000001C60000-0x0000000001C61000-memory.dmp

Filesize
4KB

Download
memory/2952-8-0x0000000001C50000-0x0000000001C51000-memory.dmp

Filesize
4KB

Download
memory/2952-7-0x0000000001C40000-0x0000000001C41000-memory.dmp

Filesize
4KB

Download
memory/2952-6-0x0000000001BE0000-0x0000000001BE1000-memory.dmp

Filesize
4KB

Download
memory/2952-4-0x0000000001BC0000-0x0000000001BC1000-memory.dmp

Filesize
4KB

Download
memory/2952-3-0x0000000001BB0000-0x0000000001BB1000-memory.dmp

Filesize
4KB

Download
memory/2952-15-0x0000000003880000-0x0000000003881000-memory.dmp

Filesize
4KB

Download
memory/2952-16-0x0000000001C30000-0x0000000001C32000-memory.dmp

Filesize
8KB

Download
memory/2952-17-0x0000000003890000-0x0000000003891000-memory.dmp

Filesize
4KB

Download
memory/2952-19-0x00000000038B0000-0x00000000038B1000-memory.dmp

Filesize
4KB

Download
memory/2952-18-0x00000000038A0000-0x00000000038A1000-memory.dmp

Filesize
4KB

Download
memory/2952-20-0x00000000038C0000-0x00000000038C1000-memory.dmp

Filesize
4KB

Download
memory/2952-21-0x00000000038D0000-0x00000000038D1000-memory.dmp

Filesize
4KB

Download
memory/2952-23-0x00000000038F0000-0x00000000038F1000-memory.dmp

Filesize
4KB

Download
memory/2952-22-0x00000000038E0000-0x00000000038E1000-memory.dmp

Filesize
4KB

Download
memory/2952-24-0x0000000003900000-0x0000000003901000-memory.dmp

Filesize
4KB

Download
memory/2952-25-0x0000000003910000-0x0000000003911000-memory.dmp

Filesize
4KB

Download
memory/2952-26-0x0000000003850000-0x0000000003876000-memory.dmp

Filesize
152KB

Download
memory/2952-31-0x0000000003930000-0x0000000003931000-memory.dmp

Filesize
4KB

Download
memory/2952-30-0x0000000003920000-0x0000000003921000-memory.dmp

Filesize
4KB

Download