154debc98ee44a444d789afe0800de953b102d68ca34f29555fb97dffc72af66

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
01-06-2024 09:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.exe
Size

367KB
MD5

8a1da4f928f6a15fd5904b697facae64
SHA1

102c2b97d77f536c274e59f37348fdc76459a1de
SHA256

154debc98ee44a444d789afe0800de953b102d68ca34f29555fb97dffc72af66
SHA512

a41098de417872b31c9e31cfb0f66c25a8f411d1767f5a49d50a1ede4d0096e3b4b371fedfa4ac27d279f1220241d3459261aad02a5b7b0788d49ea5bfda9207
SSDEEP

6144:/aYUi7fhRR8eISwpDM84Y9Y2h1IJggp7EXRPNr0JsOUZsMWXGagc:/aYUi7f57ewDeO+Awnagc

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.lnk	8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.exe

Loads dropped DLL 1 IoCs

pid	Process
3000	8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.exe"
1⤵
- Drops startup file
- Loads dropped DLL
PID:3000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\ProgramData\{f69fba4c-a3fe-9bf9-f69f-fba4ca3fe932}\8a1da4f928f6a15fd5904b697facae64_JaffaCakes118.exe

Filesize
367KB

MD5
8a1da4f928f6a15fd5904b697facae64

SHA1
102c2b97d77f536c274e59f37348fdc76459a1de

SHA256
154debc98ee44a444d789afe0800de953b102d68ca34f29555fb97dffc72af66

SHA512
a41098de417872b31c9e31cfb0f66c25a8f411d1767f5a49d50a1ede4d0096e3b4b371fedfa4ac27d279f1220241d3459261aad02a5b7b0788d49ea5bfda9207

Download Submit
memory/3000-25-0x0000000000B70000-0x0000000000B71000-memory.dmp

Filesize
4KB

Download
memory/3000-23-0x0000000000B60000-0x0000000000B61000-memory.dmp

Filesize
4KB

Download
memory/3000-20-0x0000000000B00000-0x0000000000B01000-memory.dmp

Filesize
4KB

Download
memory/3000-24-0x0000000000B80000-0x0000000000B81000-memory.dmp

Filesize
4KB

Download
memory/3000-19-0x0000000000790000-0x0000000000791000-memory.dmp

Filesize
4KB

Download
memory/3000-22-0x0000000000330000-0x0000000000332000-memory.dmp

Filesize
8KB

Download
memory/3000-21-0x0000000000B50000-0x0000000000B51000-memory.dmp

Filesize
4KB

Download
memory/3000-31-0x0000000002000000-0x0000000002001000-memory.dmp

Filesize
4KB

Download
memory/3000-30-0x0000000000B90000-0x0000000000B91000-memory.dmp

Filesize
4KB

Download
memory/3000-29-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/3000-28-0x0000000000B30000-0x0000000000B31000-memory.dmp

Filesize
4KB

Download
memory/3000-18-0x0000000000780000-0x0000000000781000-memory.dmp

Filesize
4KB

Download
memory/3000-26-0x0000000000B10000-0x0000000000B11000-memory.dmp

Filesize
4KB

Download
memory/3000-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3000-3-0x00000000007A0000-0x00000000007CC000-memory.dmp

Filesize
176KB

Download
memory/3000-2-0x0000000000200000-0x0000000000201000-memory.dmp

Filesize
4KB

Download
memory/3000-27-0x0000000000B20000-0x0000000000B21000-memory.dmp

Filesize
4KB

Download
memory/3000-17-0x0000000000770000-0x0000000000771000-memory.dmp

Filesize
4KB

Download
memory/3000-16-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/3000-15-0x0000000000750000-0x0000000000751000-memory.dmp

Filesize
4KB

Download
memory/3000-14-0x0000000000740000-0x0000000000741000-memory.dmp

Filesize
4KB

Download
memory/3000-13-0x0000000000730000-0x0000000000731000-memory.dmp

Filesize
4KB

Download
memory/3000-12-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/3000-11-0x0000000000320000-0x0000000000321000-memory.dmp

Filesize
4KB

Download
memory/3000-10-0x0000000000310000-0x0000000000311000-memory.dmp

Filesize
4KB

Download
memory/3000-9-0x0000000000300000-0x0000000000301000-memory.dmp

Filesize
4KB

Download
memory/3000-8-0x00000000002F0000-0x00000000002F1000-memory.dmp

Filesize
4KB

Download
memory/3000-7-0x00000000002E0000-0x00000000002E1000-memory.dmp

Filesize
4KB

Download
memory/3000-1-0x0000000000030000-0x0000000000032000-memory.dmp

Filesize
8KB

Download