5ea86cd23130fac7c25f13159094264a53a1ff28bacc0f2f36b564677a55fb2d

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
04/06/2024, 23:55 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe
Size

62KB
MD5

96af45cb58cb380df8e786b2980783c5
SHA1

0913d1cc1afa01721bb6771eeaa9c2410905758c
SHA256

5ea86cd23130fac7c25f13159094264a53a1ff28bacc0f2f36b564677a55fb2d
SHA512

fcc57a43788ec141059ce581b0d7a7ca2b8a091ab7aa2a502a1546b3cbaf43ce42c83770e7c23c9b3c4800d6436d8d3e5b9a26e7a2114ae327d78604adb8fdde
SSDEEP

768:3SuEBr5TxZ3ILakH+MQTbTf1YK5dEde6w4tKmc3K1RHpuiCYycRoGpPnLsOPkMdD:bErPZ3IBZcbTfu1HlrJFCPcbPnLsO/Zn

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 3 IoCs

pid	Process
2044	96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe
2044	96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe
2044	96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
PID:2044

Network

DNS

malta.pushmonkey.life

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

malta.pushmonkey.life

IN A

Response
DNS

malta.pushmonkey.life

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

malta.pushmonkey.life

IN A
DNS

malta.pushmonkey.life

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

malta.pushmonkey.life

IN A
DNS

finland.carbaseball.club

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

finland.carbaseball.club

IN A

Response
DNS

usa.theorybasketball.online

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

usa.theorybasketball.online

IN A

Response

No results found

8.8.8.8:53

malta.pushmonkey.life

dns

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

201 B
135 B
3
1

DNS Request

malta.pushmonkey.life

DNS Request

malta.pushmonkey.life

DNS Request

malta.pushmonkey.life
8.8.8.8:53

finland.carbaseball.club

dns

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

70 B
137 B
1
1

DNS Request

finland.carbaseball.club
8.8.8.8:53

usa.theorybasketball.online

dns

96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

73 B
138 B
1
1

DNS Request

usa.theorybasketball.online

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\nso2DE5.tmp\NSISdl.dll

Filesize
15KB

MD5
7caaf58a526da33c24cbe122e7839693

SHA1
7687112cb6593947226f8a8319d6e2d0cdef3b11

SHA256
19debdc4c0b6f5dc9582bda7a2c1146516f683e8d741190e6d4b81ad10b33f61

SHA512
aafd0cb2abb3d2dee95c2d037a6a1a5bff0518e3210ced0c39e6d6696e4fab4734df01476fe9dcb208f02c529cd03346bc8b7f3319ae49701bbf2cb453d59bae

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.