Analysis
-
max time kernel
0s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
06-06-2024 04:05
Behavioral task
behavioral1
Sample
99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe
-
Size
10.0MB
-
MD5
99ed70c894f5c6ed27fed79d75d023fe
-
SHA1
81a06006db50c1eadcf6c10616dcda5e5bf5935e
-
SHA256
b1bde404044173c81f469585e38c9cf52cb32f9dd15aa781995045af7bd9910d
-
SHA512
cac1b560e6054cfdefc93c433365d74d3713c918809aeaa83106537c5eb9695be24291792543762cfdcb43fcc70066f3ce716fe0293005cb1130f4c201b70612
-
SSDEEP
196608:d+xLg39onJ5hrZERVM+ENFJzFcguY48RmU/3ZlsPv+W25DT558Cx+clYtgFVR4/i:4S9c5hlERVMRFJzFcguYtN3ZW7YP+cl0
Malware Config
Signatures
-
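Looks up external IP address via web service (2 IoCs)
Uses a legitimate IP lookup service to find the infected system's external IP. Because the service itself is legitimate, the domain listed below records this behaviour but is not, on its own, an indicator of compromise.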
Processes:
flow 2: api.ipify.org
flow 3: api.ipify.org
Processes
-
C:\Users\Admin\AppData\Local\Temp\99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe "C:\Users\Admin\AppData\Local\Temp\99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe" 1⤵ PID:2172
-
C:\Users\Admin\AppData\Local\Temp\99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe "C:\Users\Admin\AppData\Local\Temp\99ed70c894f5c6ed27fed79d75d023fe_JaffaCakes118.exe" 2⤵ PID:1292
-
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
84KB
MD5: fc0d862a854993e0e51c00dee3eec777
SHA1: 20203332c6f7bd51f6a5acbbc9f677c930d0669d
SHA256: e5de23dbac7ece02566e79b3d1923a8eeae628925c7fb4b98a443cad94a06863
SHA512: b3c2ade15cc196e687e83dd8d21ce88b83c8137a83cfc20bc8f2c8f3ab72643ef7ca08e1dc23de0695f508ba0080871956303ac30f92ab865f3e4249d4d65c2f
-
Filesize
123KB
MD5: 8adb1345c717e575e6614e163eb62328
SHA1: f1ee3fff6e06dc4f22a5eb38c09c54580880e0a3
SHA256: 65edc348db42347570578b979151b787ceebfc98e0372c28116cc229494a78a8
SHA512: 0f11673854327fd2fcd12838f54c080edc4d40e4bcb50c413fe3f823056d189636dc661ea79207163f966719bf0815e1ffa75e2fb676df4e56ed6321f1ff6cae
-
Filesize
45KB
MD5: 5fa7c9d5e6068718c6010bbeb18fbeb3
SHA1: 93e8875d6d0f943b4226e25452c2c7d63d22b790
SHA256: 2e98f91087f56dfdffbbdd951cd55cd7ea771cec93d59cadb86b964ed8708155
SHA512: 3104aa8b785740dc6a5261c27b2bdc6e14b2f37862fa0fba151b1bc1bfc0e5fb5b6934b95488fa47c5af3fc2b2283f333ff6517b6f8cf0437c52cf171da58bf5
-
Filesize
128KB
MD5: 23cf994e3ba4cc9d22af3a66be591b18
SHA1: 6b260f51b58c97e68d49062cf77a3cd1eeac9272
SHA256: b63589089cf0b514318ff982a66d1f470ca4c1784132d40398f9f3a29d4f6a9d
SHA512: 963daa1f0768661f99edca13e82e8239b41e972d5205d40bf824bdb55b1936d5131125f88f3689980abb397f97b7117f0d66ee1401d3168d4f5036b347a23e55
-
Filesize
128KB
MD5: 18f2aee20e5a68db38f5650fe342a9c8
SHA1: f5a8670ce9a300be4a90121a40f4d711d836c83b
SHA256: b4b943ecac862996fae22b8638380b840eed4aa1aa1244ea42c780925879ad1a
SHA512: 43b779736a003b268a30d50e06d0ca4d838a2a99595aaaab75cc8942f363248ae3b93511bb7c85e475be2a54fecef1e7f1a9ae952e67918a8e971bd1a72465ae
-
Filesize
448KB
MD5: c8b89f7e89d35e56a8b473ae61076d30
SHA1: 1ff6f464b771a4486c86b16c57d26629c24f5712
SHA256: 9fa125535fc65df0fe0558dd2cb0fbd479911e4b0cea12c9d8fe44f01d404210
SHA512: 553a6d0b93cdacac3d8dc3c2e0cd263d6557e76b97e58988134c003bbde343a3232c0d019dccad3d86b7e6be379f3f1a4929d9cbf5cd2b13f0dca1e5044340e7
-
Filesize
448KB
MD5: 656ca0c58d2b3b5cf552b43add8a6c2e
SHA1: cd2149e581b68166d73a9e7cdf26b2a9c466f0b1
SHA256: f60cf8c4f320754b8654e3ce2b07fae572df78fba8be145683d0153009f815e7
SHA512: d556dc3d9966164e3972cd163657417f060bd960d378a3bc61f5944683867f5b4f2db9bae7cfe434f5cd701d62a9e5c29e1a4ba71e8404dc13cb59b6279fe2e6
-
Filesize
128KB
MD5: b3a3f8bc51776a393fa1ad1e5cc72b3f
SHA1: aa63ff92577df2f4c17cba6c6c0979580c4050e6
SHA256: bcc5978a40198ff9f3fdb5b709e3f591ee344b038acb0d8cccee789257e41b18
SHA512: 7690b7091fc467cbc93c01f83c1f189d6c6a8f1af16a9f120bc5d2991c3e7964c9dafd93d0ddb92e8abf43029f7496c21a964bccc340b8de14330170e7d54a2a
-
Filesize
99KB
MD5: 18571d6663b7d9ac95f2821c203e471f
SHA1: 3c186018df04e875d6b9f83521028a21f145e3be
SHA256: 0b040a314c19ff88f38fd9c89dca2d493113a6109adb8525733c3f6627da888f
SHA512: c8cbca1072b8cb04f9d82135c91ff6d7a539cb7a488671cecb6b5e2f11a4807f47ad9af5a87ebee44984ab71d7c44fc87850f9d04fd2c5019ec1b6a1b483ca21
-
Filesize
128KB
MD5: 314e4e27763aa05a45ef45bd0e55eda2
SHA1: 2e0bf51f3b7ceb740630a736e64dd4de2ab2ba4b
SHA256: 387308e340cee4367803c62f86083789064f6aee44017627102ab6518755c87b
SHA512: e8d9195a70b711ae562ac18a2008b36d03406573a4199f9917015527e430663eab438c70f458ee5baa8b8b8961832150841a31ac26744074d2857985e9ea6cd3
-
Filesize
27KB
MD5: 1fc2c6b80936efc502bfc30fc24caa56
SHA1: 4e5b26ff3b225906c2b9e39e0f06126cfc43a257
SHA256: 9c47a3b84012837c60b7feced86ed0a4f12910a85fd259a4483a48cd940e3514
SHA512: d07655d78aca969ccc0d7cedf9e337c7b20082d80be1d90d69c42be933fbab1c828316d2eb5461ded2ff35e52762e249fc0c2bccbc2b8436488fb6a270d3d9ee
-
Filesize
77KB
MD5: 1d53841bb21acdcc8742828c3aded891
SHA1: cdf15d4815820571684c1f720d0cba24129e79c8
SHA256: ab13258c6da2c26c4dca7239ff4360ca9166ea8f53bb8cc08d2c7476cab7d61b
SHA512: 0266bcbcd7ca5f6c9df8dbeea00e1275932dacc38e5dd83a47bfbb87f7ca6778458a6671d8b84a63ae9216a65975da656ba487ac28d41140122f46d0174fa9f9
-
Filesize
128KB
MD5: 4e59777bd94763f1cf87df56f553e197
SHA1: adcd545714895179fb220076da1daa4c90e56d72
SHA256: 98e7cf4b521b45f3005523438b4f423486927543eea1c1400732e075769b50cf
SHA512: b8b81a4d38888aee62d0655a4e5486fdfea2baa1ad186129d9a184a0a6d6bd5a62bfbc637ca83f2071f71511dd680816f013f10501c84ecfbea6719b7d3534f4
-
Filesize
128KB
MD5: d54cdcd58ea8c378361ad037854375a3
SHA1: 0f45b990a0ac80b927219cf3f767d61f76f5fcbe
SHA256: b45b8e6137f7100f0e671ae69a14220468dd1ca40c9aeb7c93a93319e6a4ae46
SHA512: 6a63169fb1537e7301fc7f106ae769dbfbcb13174271577fc8b295dc5a7956d65923f82879c1848a19c7122c16e69f0dd4826d24150344ac2bc705b57d2247ba
-
Filesize
32KB
MD5: eef7981412be8ea459064d3090f4b3aa
SHA1: c60da4830ce27afc234b3c3014c583f7f0a5a925
SHA256: f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081
SHA512: dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016
-
Filesize
128KB
MD5: 98fdb19331fc434823edb0abc8e28a94
SHA1: 96fd0d570066c21637a96254d82e8a50aa9030a2
SHA256: 82c4f3debbec1a510be109dbf5b348cb6add497436286e1e3decebc2bd852fb4
SHA512: be8c64dea2c683e5cce53fc8912afb8a7dbe571e3e08b627d16490fc88ae896d1f94e5ff64feacc9c29bbb560d6cdd5dc26d75558f77c425b26b74c380c05716
-
Filesize
192KB
MD5: 738286431604120e1429392304c3504a
SHA1: a57444b10d55638c35679ca999332f8e098e9984
SHA256: 635e03254efaa4dadc436bf23f25a40309466c9d31f96605f84ab0ce80d9252d
SHA512: ac0f967ebbf43dc2ecb2bf86b72a40e19a5e808d6b1dda6e9e30c10828916a63c5539fa31c45d6d4a68c3b24198f767e2e677a5e483376156969a2d9331d01d1
-
Filesize
26KB
MD5: a2ab334e18222738dcb05bf820725938
SHA1: 2f75455a471f95ac814b8e4560a023034480b7b5
SHA256: 7ba95624370216795ea4a087c326422cfcbccc42b5ada21f4d85c532c71afad7
SHA512: 72e891d1c7e5ea44a569283b5c8bd8c310f2ee3d3cc9c25c6a7d7d77a62cb301c822c833b0792c3163cf0b0d6272da2f667e6bc74b07ed7946082433f77d9679