16a4e5a2c5cddfc5b03fc04390dc3a73bb23c94ba25741dc20a029095114ad0c

Analysis

max time kernel
144s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
02-06-2024 19:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8f3c609a15f8b1abd34441443bb9dea8_JaffaCakes118.exe
Size

456KB
MD5

8f3c609a15f8b1abd34441443bb9dea8
SHA1

83dd404f6c89a54f43e0f738afe44dde88434f70
SHA256

16a4e5a2c5cddfc5b03fc04390dc3a73bb23c94ba25741dc20a029095114ad0c
SHA512

8780aa49e96170f3c0f2be7240fc780e51ab741fd699051f6f9b43c14d9de0a93571397d06b48407b4a3425d50f75e572886db85f9a360e337b2471c7ec76da3
SSDEEP

12288:67dh1Hg0NeiCN5FZrh5pue2J8cYDGP+kPnZ:sVpeiCbrh5w9J80Z

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8f3c609a15f8b1abd34441443bb9dea8_JaffaCakes118.lnk	8f3c609a15f8b1abd34441443bb9dea8_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\8f3c609a15f8b1abd34441443bb9dea8_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\8f3c609a15f8b1abd34441443bb9dea8_JaffaCakes118.exe"
1⤵
- Drops startup file
PID:940

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1824 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
1⤵
PID:1724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/940-0-0x0000000000970000-0x0000000000971000-memory.dmp

Filesize
4KB

Download
memory/940-1-0x0000000000980000-0x0000000000982000-memory.dmp

Filesize
8KB

Download
memory/940-2-0x0000000000990000-0x0000000000991000-memory.dmp

Filesize
4KB

Download
memory/940-3-0x0000000000BD0000-0x0000000000BD1000-memory.dmp

Filesize
4KB

Download
memory/940-6-0x0000000001A80000-0x0000000001A81000-memory.dmp

Filesize
4KB

Download
memory/940-5-0x0000000001A70000-0x0000000001A71000-memory.dmp

Filesize
4KB

Download
memory/940-8-0x0000000001AF0000-0x0000000001AF1000-memory.dmp

Filesize
4KB

Download
memory/940-13-0x0000000001B40000-0x0000000001B41000-memory.dmp

Filesize
4KB

Download
memory/940-12-0x0000000001B30000-0x0000000001B31000-memory.dmp

Filesize
4KB

Download
memory/940-11-0x0000000001B20000-0x0000000001B21000-memory.dmp

Filesize
4KB

Download
memory/940-10-0x0000000001B10000-0x0000000001B11000-memory.dmp

Filesize
4KB

Download
memory/940-9-0x0000000001B00000-0x0000000001B01000-memory.dmp

Filesize
4KB

Download
memory/940-16-0x0000000001BA0000-0x0000000001BA1000-memory.dmp

Filesize
4KB

Download
memory/940-15-0x0000000001B60000-0x0000000001B61000-memory.dmp

Filesize
4KB

Download
memory/940-14-0x0000000001B50000-0x0000000001B51000-memory.dmp

Filesize
4KB

Download
memory/940-7-0x0000000001A90000-0x0000000001A91000-memory.dmp

Filesize
4KB

Download
memory/940-4-0x0000000000BF0000-0x0000000000BF1000-memory.dmp

Filesize
4KB

Download
memory/940-17-0x0000000001AE0000-0x0000000001AE2000-memory.dmp

Filesize
8KB

Download
memory/940-20-0x0000000003760000-0x0000000003761000-memory.dmp

Filesize
4KB

Download
memory/940-18-0x0000000001BB0000-0x0000000001BB1000-memory.dmp

Filesize
4KB

Download
memory/940-21-0x0000000003770000-0x0000000003771000-memory.dmp

Filesize
4KB

Download
memory/940-22-0x0000000003780000-0x0000000003781000-memory.dmp

Filesize
4KB

Download
memory/940-19-0x0000000003750000-0x0000000003751000-memory.dmp

Filesize
4KB

Download
memory/940-23-0x0000000003790000-0x0000000003791000-memory.dmp

Filesize
4KB

Download
memory/940-24-0x00000000037A0000-0x00000000037A1000-memory.dmp

Filesize
4KB

Download
memory/940-25-0x00000000037B0000-0x00000000037B1000-memory.dmp

Filesize
4KB

Download
memory/940-26-0x0000000001B70000-0x0000000001B9C000-memory.dmp

Filesize
176KB

Download
memory/940-30-0x00000000037C0000-0x00000000037C1000-memory.dmp

Filesize
4KB

Download
memory/940-31-0x0000000003B10000-0x0000000003B11000-memory.dmp

Filesize
4KB

Download
memory/940-38-0x00000000035E0000-0x00000000035E1000-memory.dmp

Filesize
4KB

Download