Analysis

  • max time kernel
    93s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-06-2024 03:34

General

  • Target

    89401bbd6861779597b9a4d70146cb17_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    89401bbd6861779597b9a4d70146cb17

  • SHA1

    f97a6479fcf485af51ee25f8534b873b8b568aec

  • SHA256

    88b67f7a181723a120bf4c3afba3b63d5b66c7bcf2d27e3bc42708cc61948c51

  • SHA512

    9cef08dd8e0eac8137621815a7772eba0fad829024523faed5dee91bde57f914bf53d7cf906c1fc666fe260ce041da82498bc93dc3fa114b6a1fe57729eb71ac

  • SSDEEP

    12288:Ch/pCHxW4pbAOeeeZeeeeEhMEr6CX4zist3:U/eDNAuaE6tiE

Score
6/10

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\89401bbd6861779597b9a4d70146cb17_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\89401bbd6861779597b9a4d70146cb17_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Suspicious use of SetWindowsHookEx
    PID:5044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\FG.url

    Filesize

    192B

    MD5

    b32e479bd009ed83990c9673269a8679

    SHA1

    c90602796792d73b8e14df593d28c88639957537

    SHA256

    4da0710275fe2edc624ceae921dfed794450221c88daaac73467fc885cff1a3b

    SHA512

    d29415020d7ddc493ac36ad2351414523f9804f3031a50c6bfded58d8b9a83f13877ae73571e9dcc50eedd7014230196313dfab8618e587e118ae6ba4d94db12

  • memory/5044-0-0x0000000000400000-0x000000000055F000-memory.dmp

    Filesize

    1.4MB