Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04-06-2024 23:55

General

  • Target

    96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe

  • Size

    62KB

  • MD5

    96af45cb58cb380df8e786b2980783c5

  • SHA1

    0913d1cc1afa01721bb6771eeaa9c2410905758c

  • SHA256

    5ea86cd23130fac7c25f13159094264a53a1ff28bacc0f2f36b564677a55fb2d

  • SHA512

    fcc57a43788ec141059ce581b0d7a7ca2b8a091ab7aa2a502a1546b3cbaf43ce42c83770e7c23c9b3c4800d6436d8d3e5b9a26e7a2114ae327d78604adb8fdde

  • SSDEEP

    768:3SuEBr5TxZ3ILakH+MQTbTf1YK5dEde6w4tKmc3K1RHpuiCYycRoGpPnLsOPkMdD:bErPZ3IBZcbTfu1HlrJFCPcbPnLsO/Zn

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\96af45cb58cb380df8e786b2980783c5_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:2044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nso2DE5.tmp\NSISdl.dll

    Filesize

    15KB

    MD5

    7caaf58a526da33c24cbe122e7839693

    SHA1

    7687112cb6593947226f8a8319d6e2d0cdef3b11

    SHA256

    19debdc4c0b6f5dc9582bda7a2c1146516f683e8d741190e6d4b81ad10b33f61

    SHA512

    aafd0cb2abb3d2dee95c2d037a6a1a5bff0518e3210ced0c39e6d6696e4fab4734df01476fe9dcb208f02c529cd03346bc8b7f3319ae49701bbf2cb453d59bae