705f540fdf7ae40fd102739bbeb6f5833fd84a24662142f4dce9b7d58a86307e

Analysis

max time kernel
138s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
25/05/2024, 20:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

731c62f3bdde8340b0cc0880e318e7e2_JaffaCakes118.exe
Size

185KB
MD5

731c62f3bdde8340b0cc0880e318e7e2
SHA1

e17a94d0571e6ada2793d6f36da52089311a9274
SHA256

705f540fdf7ae40fd102739bbeb6f5833fd84a24662142f4dce9b7d58a86307e
SHA512

d871e87292b00627e91aaf0b5cf60fbe75668a0064527ba2b1a5fe2cff118c0f3c42da4807e55899394b7786fab6be8a37239e5a0a3558ad43db0c5afc08e104
SSDEEP

3072:ZDa9TKx2yqR8wz3HQYVwBPqP+hXLYAsnWk0knpUoPs3Ir3e9psnYxm5l2gTk7yMB:JqT7yqmwz3wYOBxh7YAsj0ke8s3IUps4

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EAA3B7AF2FC1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\731c62f3bdde8340b0cc0880e318e7e2_JaffaCakes118.exe"	731c62f3bdde8340b0cc0880e318e7e2_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\731c62f3bdde8340b0cc0880e318e7e2_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\731c62f3bdde8340b0cc0880e318e7e2_JaffaCakes118.exe"
1⤵
- Adds Run key to start application
PID:224

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/224-0-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download
memory/224-3-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download
memory/224-5-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download
memory/224-4-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download
memory/224-2-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download
memory/224-1-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download
memory/224-7-0x0000000000457000-0x0000000000462000-memory.dmp

Filesize
44KB

Download
memory/224-9-0x0000000000400000-0x000000000046B000-memory.dmp

Filesize
428KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads