Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30/05/2024, 11:27

General

  • Target

    84112e2ee8a4c57cd4ac1bc5c6ab04c5_JaffaCakes118.exe

  • Size

    16.0MB

  • MD5

    84112e2ee8a4c57cd4ac1bc5c6ab04c5

  • SHA1

    2d60b4b0fc45ceacad0a35ab34f1b19ed3e084f1

  • SHA256

    38af527160ae46fd1030bfb3222158bafe0751bfcc1453ee6e55680be1e10c10

  • SHA512

    ffcda3c769bdbed2a4845c14f9060d2d361437872aac448b8cddf68234df243a7ed6768c0aa01dd152aa86f96a94dc6a82203656466a968e5e3ad1800cd21298

  • SSDEEP

    98304:d0PtUxNZ6EhiqI2wfSrhouTZad2Wm0ujBXshxwxYTxkRGeA4wG97fQodzk1n+:d01UML9fSrB8kBXso97fQodzk1n+

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\84112e2ee8a4c57cd4ac1bc5c6ab04c5_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\84112e2ee8a4c57cd4ac1bc5c6ab04c5_JaffaCakes118.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:3992

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/3992-0-0x00007FFB7356D000-0x00007FFB7356E000-memory.dmp

          Filesize

          4KB

        • memory/3992-1-0x00007FFB734D0000-0x00007FFB736C5000-memory.dmp

          Filesize

          2.0MB

        • memory/3992-2-0x00007FFB734D0000-0x00007FFB736C5000-memory.dmp

          Filesize

          2.0MB