Analysis

  • max time kernel
    142s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    31/05/2024, 21:10 UTC

General

  • Target

    885c6992a602e5ef7abd14de767431b2_JaffaCakes118.js

  • Size

    501KB

  • MD5

    885c6992a602e5ef7abd14de767431b2

  • SHA1

    cf4fafdecf966bca654384e12d9edb812a61d17b

  • SHA256

    2b0c500b1005541bbe7d4d398197f86e50cdfd9cacc9d8ad6a89b27efbaa5fff

  • SHA512

    5fbe6f9e61f8f276eff030571f93d39ce98e96c2f5740ea70d729f9c46ef8490c5dc8c949e9a4c1809e7cc498c22127e420e831ce7a2306ae019c108ee8e5ba8

  • SSDEEP

    3072:R5KnVyTKBJdb092t72ihB38TZ0i4TOd4mJIs1eO3z1shrS+dxCmPqgskgBhXNKq2:R5KVyT88E8UT5cOwtq

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe (PID 4416)
    wscript.exe C:\Users\Admin\AppData\Local\Temp\885c6992a602e5ef7abd14de767431b2_JaffaCakes118.js
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 3260)
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3756 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:8

Network

DNS requests (all sent to resolver 8.8.8.8:53)

  • 104.219.191.52.in-addr.arpa
    Request: 104.219.191.52.in-addr.arpa IN PTR
    Response: (none)
  • 240.221.184.93.in-addr.arpa
    Request: 240.221.184.93.in-addr.arpa IN PTR
    Response: (none)
  • 23.159.190.20.in-addr.arpa
    Request: 23.159.190.20.in-addr.arpa IN PTR
    Response: (none)
  • 95.221.229.192.in-addr.arpa
    Request: 95.221.229.192.in-addr.arpa IN PTR
    Response: (none)
  • 196.249.167.52.in-addr.arpa
    Request: 196.249.167.52.in-addr.arpa IN PTR
    Response: (none)
  • 26.165.165.52.in-addr.arpa
    Request: 26.165.165.52.in-addr.arpa IN PTR
    Response: (none)
  • 56.126.166.20.in-addr.arpa
    Request: 56.126.166.20.in-addr.arpa IN PTR
    Response: (none)
  • 149.220.183.52.in-addr.arpa
    Request: 149.220.183.52.in-addr.arpa IN PTR
    Response: (none)
  • 145.83.221.88.in-addr.arpa
    Request: 145.83.221.88.in-addr.arpa IN PTR
    Response: 145.83.221.88.in-addr.arpa IN PTR a88-221-83-145.deploy.static.akamaitechnologies.com
  • 13.227.111.52.in-addr.arpa
    Request: 13.227.111.52.in-addr.arpa IN PTR
    Response: (none)
  • 105.83.221.88.in-addr.arpa
    Request: 105.83.221.88.in-addr.arpa IN PTR
    Response: 105.83.221.88.in-addr.arpa IN PTR a88-221-83-105.deploy.static.akamaitechnologies.com
  • 5.173.189.20.in-addr.arpa
    Request: 5.173.189.20.in-addr.arpa IN PTR
    Response: (none)
Connections ("-" marks a cell the report left empty)

  Remote address     Domain                         Protocol  Bytes out  Bytes in  Count out  Count in
  20.231.121.79:80   -                              -         46 B       -         1          -
  13.107.246.64:443  -                              -         46 B       40 B      1          1
  8.8.8.8:53         104.219.191.52.in-addr.arpa    dns       73 B       147 B     1          1
  8.8.8.8:53         240.221.184.93.in-addr.arpa    dns       73 B       144 B     1          1
  8.8.8.8:53         23.159.190.20.in-addr.arpa     dns       72 B       158 B     1          1
  8.8.8.8:53         95.221.229.192.in-addr.arpa    dns       73 B       144 B     1          1
  8.8.8.8:53         196.249.167.52.in-addr.arpa    dns       73 B       147 B     1          1
  8.8.8.8:53         26.165.165.52.in-addr.arpa     dns       72 B       146 B     1          1
  8.8.8.8:53         56.126.166.20.in-addr.arpa     dns       72 B       158 B     1          1
  8.8.8.8:53         149.220.183.52.in-addr.arpa    dns       73 B       147 B     1          1
  8.8.8.8:53         145.83.221.88.in-addr.arpa     dns       72 B       137 B     1          1
  8.8.8.8:53         13.227.111.52.in-addr.arpa     dns       72 B       158 B     1          1
  8.8.8.8:53         105.83.221.88.in-addr.arpa     dns       72 B       137 B     1          1
  8.8.8.8:53         5.173.189.20.in-addr.arpa      dns       71 B       157 B     1          1

MITRE ATT&CK Enterprise v15
