Analysis

  • max time kernel
    131s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    30/05/2024, 14:25

General

  • Target

    84773231fe9827f0eab90fc85cf113ea_JaffaCakes118.msg

  • Size

    103KB

  • MD5

    84773231fe9827f0eab90fc85cf113ea

  • SHA1

    ce3f3be8b74687abb009386fb5ad7b3138f808a7

  • SHA256

    5665523cf573835a86d39d1dd7f0f7ae886530cafc7d60e8a66767630869e19f

  • SHA512

    be849e1e69f1129ecbba804918920a6b63be24c4008f3fb978e4dabdb4032ed33f68931405db5b750020233c3f415441312425a114d26e3e458376e030089ccb

  • SSDEEP

    768:V/+w6k3JZfubC7FLVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBt+1o9OkDOsDPjb:Z731ZLocn1kp59gxBK85fBt+a9LdS

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\84773231fe9827f0eab90fc85cf113ea_JaffaCakes118.msg
    • Modifies registry class
    PID:1020
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:792

Network

MITRE ATT&CK Enterprise v15
