5de0393609d1bae5d9eaca2d6e7f0f717fff9b56138e8c7d44e66e2d38ac0939

Analysis

max time kernel
133s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
26/05/2024, 10:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

751eea6353f1c532c4cec1f8bc5952b3_JaffaCakes118.exe
Size

2.1MB
MD5

751eea6353f1c532c4cec1f8bc5952b3
SHA1

9c4d0ede690b278ab9f6a8fb741c84a14198eb58
SHA256

5de0393609d1bae5d9eaca2d6e7f0f717fff9b56138e8c7d44e66e2d38ac0939
SHA512

4afdd3a3f4b66df4d5147c2868a8958496481ae23276c98018dd144b324fe1721777fc8273fdeeee059264bc65043c3ab7d0055bb841fb05d5b8529ea156cd69
SSDEEP

49152:+mL0pbzyib97aKOcrq6ULaTA8AVTdjfzqPRpt6xh15b:x8n5gcrq6ULaTAdNdiPL2jt

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
3172	751eea6353f1c532c4cec1f8bc5952b3_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\751eea6353f1c532c4cec1f8bc5952b3_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\751eea6353f1c532c4cec1f8bc5952b3_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
PID:3172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nsu51BC.tmp\InstallOptions.dll

Filesize
14KB

MD5
325b008aec81e5aaa57096f05d4212b5

SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3

SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsu51BC.tmp\ioSpecial.ini

Filesize
633B

MD5
3511597621b1d78bb6ef9742198a1275

SHA1
13587427e57c6db61f937adb4653f209bb13fb6a

SHA256
626dfdbf2b61cb5129c2d083808ed0bca93f0e1d4bbe09fd059f1b8d1bfc34b6

SHA512
c6201d5e31d49c8b07e7110539e454663037f7988360ff284876f89d2ca5e267972555bfd9bd24cedb89f5a7cfa132935cb7f20f4c6fcfe69f5f076e171d69c2

Download Submit