f80e24edff572dd8ce0c574bc8aa5ce74435caf3050e1a06dca1016d91f57cdd

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
24/05/2024, 23:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

702a7c879e74e76932f59fee0037d8b5_JaffaCakes118.exe
Size

2.0MB
MD5

702a7c879e74e76932f59fee0037d8b5
SHA1

813ced6b6a6ebcfb9627484422e6dc3c0bd28ddb
SHA256

f80e24edff572dd8ce0c574bc8aa5ce74435caf3050e1a06dca1016d91f57cdd
SHA512

fa09e9e0a9b0782adeeaaf82026c26f3ab9c4315efc88a9033814a25fad47328026086452b4802c9c77b5f5ff3c4ef05f8fd893dd0471b9b78e7cb4525d2ee22
SSDEEP

6144:PSFztQURhu860VLu3Bc+UxqLcIKS9YCR2LVR6UYtLpS7kR2:PctQGLwK+/cIKS9YNLPfLkR2

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\Bidaily Synchronize Task[pr].job	702a7c879e74e76932f59fee0037d8b5_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\702a7c879e74e76932f59fee0037d8b5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\702a7c879e74e76932f59fee0037d8b5_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:1692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1692-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/1692-1-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/1692-2-0x00000000000F0000-0x00000000000F1000-memory.dmp

Filesize
4KB

Download
memory/1692-3-0x0000000000100000-0x0000000000101000-memory.dmp

Filesize
4KB

Download
memory/1692-4-0x0000000000110000-0x0000000000111000-memory.dmp

Filesize
4KB

Download
memory/1692-9-0x0000000000180000-0x0000000000181000-memory.dmp

Filesize
4KB

Download
memory/1692-8-0x0000000000170000-0x0000000000171000-memory.dmp

Filesize
4KB

Download
memory/1692-7-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/1692-6-0x0000000000130000-0x0000000000131000-memory.dmp

Filesize
4KB

Download
memory/1692-5-0x0000000000120000-0x0000000000121000-memory.dmp

Filesize
4KB

Download
memory/1692-20-0x0000000000650000-0x0000000000651000-memory.dmp

Filesize
4KB

Download
memory/1692-19-0x0000000000640000-0x0000000000641000-memory.dmp

Filesize
4KB

Download
memory/1692-18-0x0000000000630000-0x0000000000631000-memory.dmp

Filesize
4KB

Download
memory/1692-17-0x0000000000620000-0x0000000000621000-memory.dmp

Filesize
4KB

Download
memory/1692-16-0x0000000000610000-0x0000000000611000-memory.dmp

Filesize
4KB

Download
memory/1692-15-0x00000000001E0000-0x00000000001E1000-memory.dmp

Filesize
4KB

Download
memory/1692-14-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/1692-13-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/1692-12-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/1692-11-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/1692-10-0x0000000000190000-0x0000000000191000-memory.dmp

Filesize
4KB

Download
memory/1692-21-0x0000000000660000-0x000000000068F000-memory.dmp

Filesize
188KB

Download
memory/1692-27-0x00000000006B0000-0x00000000006B1000-memory.dmp

Filesize
4KB

Download
memory/1692-26-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download
memory/1692-25-0x0000000000690000-0x0000000000691000-memory.dmp

Filesize
4KB

Download
memory/1692-28-0x00000000006C0000-0x00000000006C1000-memory.dmp

Filesize
4KB

Download
memory/1692-31-0x00000000006F0000-0x00000000006F1000-memory.dmp

Filesize
4KB

Download
memory/1692-30-0x00000000006E0000-0x00000000006E1000-memory.dmp

Filesize
4KB

Download
memory/1692-29-0x00000000006D0000-0x00000000006D1000-memory.dmp

Filesize
4KB

Download
memory/1692-36-0x0000000000700000-0x0000000000701000-memory.dmp

Filesize
4KB

Download