27fc1b3c50ce5c9c35c06ad2ee7f8ec9044cd30fedcca897b7cf96a3a191f660

Analysis

max time kernel
92s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
31/05/2024, 15:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8785563e3acc74b48293fc0fb31c5126_JaffaCakes118.exe
Size

371KB
MD5

8785563e3acc74b48293fc0fb31c5126
SHA1

a1e4fdf1010fee51e138bdf2114416a7372af7df
SHA256

27fc1b3c50ce5c9c35c06ad2ee7f8ec9044cd30fedcca897b7cf96a3a191f660
SHA512

504f8501cc286e94bd164edda119d2b60ec6fe8a223101512c436dcd42bcacb792ec247f802a784e77a31d43988a0b86110302b53daccf140c95fc8d9882f704
SSDEEP

6144:vnKnEFfZHOAmDO394BPvF96VIvq7qDvDbfrM9hpzbWiaoBu6/wKC8rAcyvRJsTVL:/KnyhuAmDO3GBPvji2zfrMrbo12qv+

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8785563e3acc74b48293fc0fb31c5126_JaffaCakes118.lnk	8785563e3acc74b48293fc0fb31c5126_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\8785563e3acc74b48293fc0fb31c5126_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\8785563e3acc74b48293fc0fb31c5126_JaffaCakes118.exe"
1⤵
- Drops startup file
PID:4592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4592-0-0x0000000000BE0000-0x0000000000BE1000-memory.dmp

Filesize
4KB

Download
memory/4592-1-0x0000000000BF0000-0x0000000000BF2000-memory.dmp

Filesize
8KB

Download
memory/4592-2-0x0000000000E00000-0x0000000000E01000-memory.dmp

Filesize
4KB

Download
memory/4592-3-0x00000000012D0000-0x00000000012D1000-memory.dmp

Filesize
4KB

Download
memory/4592-11-0x0000000003850000-0x0000000003851000-memory.dmp

Filesize
4KB

Download
memory/4592-14-0x0000000003810000-0x0000000003812000-memory.dmp

Filesize
8KB

Download
memory/4592-13-0x0000000003870000-0x0000000003871000-memory.dmp

Filesize
4KB

Download
memory/4592-22-0x00000000038D0000-0x00000000038D1000-memory.dmp

Filesize
4KB

Download
memory/4592-24-0x0000000003920000-0x0000000003921000-memory.dmp

Filesize
4KB

Download
memory/4592-23-0x0000000003930000-0x0000000003931000-memory.dmp

Filesize
4KB

Download
memory/4592-21-0x0000000003910000-0x0000000003911000-memory.dmp

Filesize
4KB

Download
memory/4592-20-0x0000000003900000-0x0000000003901000-memory.dmp

Filesize
4KB

Download
memory/4592-19-0x00000000038F0000-0x00000000038F1000-memory.dmp

Filesize
4KB

Download
memory/4592-18-0x00000000038E0000-0x00000000038E1000-memory.dmp

Filesize
4KB

Download
memory/4592-17-0x0000000004090000-0x0000000004091000-memory.dmp

Filesize
4KB

Download
memory/4592-16-0x0000000003890000-0x0000000003891000-memory.dmp

Filesize
4KB

Download
memory/4592-15-0x0000000003880000-0x0000000003881000-memory.dmp

Filesize
4KB

Download
memory/4592-12-0x0000000003860000-0x0000000003861000-memory.dmp

Filesize
4KB

Download
memory/4592-9-0x0000000003830000-0x0000000003831000-memory.dmp

Filesize
4KB

Download
memory/4592-8-0x0000000003820000-0x0000000003821000-memory.dmp

Filesize
4KB

Download
memory/4592-7-0x00000000033E0000-0x00000000033E1000-memory.dmp

Filesize
4KB

Download
memory/4592-10-0x0000000003840000-0x0000000003841000-memory.dmp

Filesize
4KB

Download
memory/4592-6-0x00000000019D0000-0x00000000019D1000-memory.dmp

Filesize
4KB

Download
memory/4592-5-0x0000000001400000-0x0000000001401000-memory.dmp

Filesize
4KB

Download
memory/4592-4-0x00000000013F0000-0x00000000013F1000-memory.dmp

Filesize
4KB

Download
memory/4592-25-0x00000000038A0000-0x00000000038CC000-memory.dmp

Filesize
176KB

Download
memory/4592-30-0x0000000003DF0000-0x0000000003DF1000-memory.dmp

Filesize
4KB

Download
memory/4592-29-0x0000000003940000-0x0000000003941000-memory.dmp

Filesize
4KB

Download
memory/4592-37-0x0000000003540000-0x0000000003541000-memory.dmp

Filesize
4KB

Download