c9479e4436c2d46605bdfca63da3a68fee91bec15a7261bc94013f655d4a239a

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28-05-2024 06:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Size

21.5MB
MD5

7c11e3984aaaa369a41e2ae30f04d62e
SHA1

31b704753f3583737e33be62bc229b94deaa53e1
SHA256

c9479e4436c2d46605bdfca63da3a68fee91bec15a7261bc94013f655d4a239a
SHA512

cc854ef9582c15558d557b76073676f50678f4fd9e90aff62ad5f6e5c5804db2ecf42c06f79ebad5f1c3ad9d8a56b65486f7da7eb5899b4ea60056d48fa1f951
SSDEEP

393216:SQ37GZuPhPNcY7SgrIiZJVkUL9VF/5nUW0zuJzdj5lh6nw8mVkuBBd+5ZkeGJs:SQ3CYP53PtBVrPJbP6njmVRU5t

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 23 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeSecurityPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeTakeOwnershipPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeLoadDriverPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeSystemProfilePrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeSystemtimePrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeProfSingleProcessPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeIncBasePriorityPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeCreatePagefilePrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeBackupPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeRestorePrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeShutdownPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeDebugPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeSystemEnvironmentPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeChangeNotifyPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeRemoteShutdownPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeUndockPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeManageVolumePrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeImpersonatePrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: SeCreateGlobalPrivilege	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: 33	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: 34	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
Token: 35	2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
2060	7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\7c11e3984aaaa369a41e2ae30f04d62e_JaffaCakes118.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2060

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads