Analysis
max time kernel: 141s
max time network: 134s
platform: windows10-2004_x64
resource: win10v2004-20240426-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted: 02/06/2024, 23:44
Static task
static1
1 signature

Behavioral task
behavioral1
Sample: 8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
Resource: win7-20240508-en
4 signatures
150 seconds

Behavioral task
behavioral2
Sample: 8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
Resource: win10v2004-20240426-en
3 signatures
150 seconds
General
Target: 8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
Size: 982KB
MD5: 8fd8c3ad4bfd916497f4fc0c0f01ecfa
SHA1: d5a7573dbdefa56b362569c162c0eb054be55d08
SHA256: 57c1e72bdcff21d00c79d224f59a766e5a9d3a69b6abb7534757560f4d459cb2
SHA512: 494f260998b37de367a72df23a19b09b2279685a86af3a23da109b7aa9b17d4ed46c0a17fc5cc7e494c1e01a95ac2d54be04b477323d23f938ec12cf7b72afa7
SSDEEP: 24576:vn2FuUPjgjyEnscO25BeS9aFQ24nopDRo:u7+wSIQ2ao
Score: 6/10
Malware Config
Signatures

Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 2 IoCs)
  flow  ioc
  14    iplogger.org
  15    iplogger.org

Suspicious use of FindShellTrayWindow (3 IoCs)
  pid   Process
  2312  8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
  2312  8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
  2312  8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe

Suspicious use of SendNotifyMessage (3 IoCs)
  pid   Process
  2312  8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
  2312  8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe
  2312  8fd8c3ad4bfd916497f4fc0c0f01ecfa_JaffaCakes118.exe