Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    28-05-2024 15:39

General

  • Target

    7d7d49dd29d8729fd5af12c21e6c0e69_JaffaCakes118.exe

  • Size

    234KB

  • MD5

    7d7d49dd29d8729fd5af12c21e6c0e69

  • SHA1

    40b06d52ad0c7404fdf8f8782348d51750e43238

  • SHA256

    05fdb8ba9d3666b3c1420cc81082c84cc4d7714a11196772d1771fcc2a9ef6c1

  • SHA512

    7e4ec549ec88493e1cb9b6950f6cd0393cc8d20cb4dc467a39f05f1f99707b7feb9ba55c1f3e3fda7f05d67183b73c46c9e2501f256bc066a218ad83a51726da

  • SSDEEP

    6144:+F/OMu7k34LOeZ3EiXb7TMjIeu9WyWOgj:sLu7kIL3Z3EQ3gJu99WOgj

Score
6/10

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d7d49dd29d8729fd5af12c21e6c0e69_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7d7d49dd29d8729fd5af12c21e6c0e69_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2364-0-0x00000000007D0000-0x0000000000810000-memory.dmp

    Filesize

    256KB

  • memory/2364-1-0x00000000009A0000-0x00000000009E0000-memory.dmp

    Filesize

    256KB

  • memory/2364-2-0x00000000009A0000-0x00000000009E0000-memory.dmp

    Filesize

    256KB

  • memory/2364-3-0x0000000000BB0000-0x0000000000BF0000-memory.dmp

    Filesize

    256KB

  • memory/2364-5-0x00000000006A0000-0x00000000006CF000-memory.dmp

    Filesize

    188KB