86092e62852a8c67ed8bebabc963e40ed40b8add74c9b9318b5772621ce6676a

Analysis

max time kernel
148s
max time network
51s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11/06/2024, 06:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118.exe
Size

1.6MB
MD5

9d40f12bafe01d59ce8b40949d61fc5d
SHA1

0d9b23aedea796ab65b41bb0e8220aafe0a867ef
SHA256

86092e62852a8c67ed8bebabc963e40ed40b8add74c9b9318b5772621ce6676a
SHA512

fcd7d8c118f1b4ddc8d413b5eedfec530b7e5a6f3a76032eda7e4164a2d3a3a6a02d2b8b6b60eb6b6d33be3412d74d5ee6d2420ce981239bc1e97123f4c5799b
SSDEEP

24576:zIrIXQLYW6gSiCZsuOVo0Wt3UJqmX/YwwXKFM/238eHL2vFoLgKMitFrfyT:LLWKiqsvPdks5w6aeRL5/zyT

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2332	ROX54A8.tmp.stub.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2332	ROX54A8.tmp.stub.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1924 wrote to memory of 2332	1924	9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118.exe	81
PID 1924 wrote to memory of 2332	1924	9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118.exe	81
PID 1924 wrote to memory of 2332	1924	9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118.exe	81

C:\Users\Admin\AppData\Local\Temp\9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1924
- C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.stub.exe
  C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.stub.exe C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.stub.ini
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: GetForegroundWindowSpam
  PID:2332

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1000.jpg

Filesize
24KB

MD5
99540ca9b15860cb824fcdcfb30f520c

SHA1
ace2b252c8e2191a946e37929dc03bff217b4158

SHA256
f3179ae74838b94cec15c276889e28553066ae45b545c70ad58bd020533ab23f

SHA512
5e122ec459ae71c364562ffd2fc18e2266bf313f5fe5d8b0c5f0440983e258c708be3bec74f547161edcc9ddedc115867afe84724ff71f0e015235f374b9ec65

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1001.jpg

Filesize
34KB

MD5
5343466e22da1e8041e92c537cf5a78d

SHA1
dee41fb85157a187072220e27102fe0770ee1a42

SHA256
918f476a65e8a6071f138034186d64c55911c2e89bb07fc77ebf3ed3151e7667

SHA512
5ae69d12738fa71320a03c9f06168480b1b9a2bc8b20354a5542b05b608c0a8491c20c0ce684419118c93d150e101a80d36d7e026fef0af634d21b4a6b2f162f

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1002.jpg

Filesize
32KB

MD5
df8da1065e2f8fecd842d7d30c146422

SHA1
e4cdec7d4df1cfd2ffbba15e1ff8656762f7c6e4

SHA256
bffe33dfc45a0c380d0df03b8c3451663e223a0e5a08a13fb85ad29e2523684e

SHA512
e29f08fb14cc3072525d2a63c981f64a0e4ca4f099571b4ab114ebcc9c1efbcf6bb4af3068d70e4ddbc9a08bf78052ec811139c37305783bc70af920ccf0b2a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1003.jpg

Filesize
32KB

MD5
1cbd328cf421df99a5679be85a171ddb

SHA1
8b6f06f00a033e1c9ba1129af3215bd1c3ebb34a

SHA256
031630bf3e38d2799d3ef4db94526c040f9ddd7fd2834f4c7a7b7acfe9a612f3

SHA512
01d4d1f2163ef4c776db0b722e2aea3588ef58b2f0b0ed1b42d1549b12538f14e676b55918fea1c67a242ba7966e07d8f3bbc6f23b122d5d96b279a7003c48c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1004.jpg

Filesize
36KB

MD5
e6616273b7fe43590537ca56c7421688

SHA1
0487ad29ec73e850090c5fb5ae6b6ff14f71f1ec

SHA256
ebd4a7b99acdaa50bd8870ff3933180928373072969f7f74459e781a522e0b42

SHA512
9c6808aa1fe3392abbd8c8e9a0ca0f7caf03939cf1213c0754f08521fd5836ae88e8ca47e89baf8c6ba8608774e343b1df4290d7c16a9bcef60362a5b75fcf7f

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1005.jpg

Filesize
14KB

MD5
68ae7d57a23da6425e1dd5fd9e10fc1a

SHA1
f3ba38c3de3bfa09e6946eba2619cff65ddb63c4

SHA256
7f1c1c039bdacd5e536cbd075b77b23fd2116170fcc67c4d9e5bae066148c6a8

SHA512
288746200406c9fd0538947c735c0c95d75a1774b09b005a4ff191a09b652e8d4b945a2d526a721a8ab87dae3b9ae6544074a4270912d752e1e8d7c507b3e5d3

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1006.jpg

Filesize
26KB

MD5
f5d9428f6a2451ef654da6a29a6cb491

SHA1
5d3be87623838dfe61b2c33223cfd86a2d5dbcc3

SHA256
24501a4325fd373b4d6712ba455369305ceb44dcec8dad0390553e77606ae18c

SHA512
923ea43c7c563727826633bd992753724b01e7b21df5098571aaa1d9a27e7167e3182e1f96eafbdc5ff04bdca5cd60f0fdbf8fd65c687d6e146b6318e1b66f78

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1007.jpg

Filesize
37KB

MD5
e3f1507a5ea9707fb486c63d55e99e4f

SHA1
3e02d1d30419fd7e5ad6b39de8a03b1f266b3bb3

SHA256
41d74d8c50c338a47dc776c64b9a924904d957e65bb7520d65e2a23ec9f501ec

SHA512
268514520c82c19b7f3ef947a55da327355d28c3ca8ccb14545384501cb1f0891bc6797dff53df4ea480d93efba1d1724288dfdeca8c031b2d5e82f146dd6496

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1008.jpg

Filesize
40KB

MD5
5daa1202efc96b54af5f08b54e8dd4ed

SHA1
9c11e5b3b70f52544ab4e6bb8098881fa3e929a7

SHA256
068f57e9cd6c0ff757007a8a32f535273eb3dbe1f8495b656471711d5e66e798

SHA512
f882bb0d7c632cab37e607bc590849ea8fb6ab67e95cc991b4b95afcef6100f7903de350b8ba5966932c54b9367ba7c1230df9a3021c259a8e2e3aabff34646d

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1009.jpg

Filesize
25KB

MD5
e3c9927fc16e0d252479e60c4ac73e51

SHA1
100c9b2e5b3414c940f95830d81713903c3f6f91

SHA256
76273356ef19aac8edbda3fa691b44b2b809330e162aa8dd59f98bfacb6aef19

SHA512
e1fb46691c8cd50cd96d359f0ce486d623e8df82fb11721ad10640703ce510424a944a971e55f617279eebe9e98040f617316b968eea6ccdf58525fff08b00fc

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1010.jpg

Filesize
39KB

MD5
8398ca2ea9700724eda100504a885b35

SHA1
cefd9e475db9dfc1736ba43e536c3002c99b3461

SHA256
aeb1bd9bcc46049c496cd8a52737b5eb95f2fc18794be29c76f6b8e03d575b7f

SHA512
df512af54b04ae1d72b09a8f0e1a7726285727e0d918e78f61523017860e4dae80223bc2c5ed962ce3de97a97a1bc02265bb02496998523e17e5f2c39a60875b

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1011.jpg

Filesize
22KB

MD5
bf768ce0afd196148e875202b517a78d

SHA1
0ba82d43b063d67e1f4b8a025c91199c3cceb041

SHA256
04066d9c345a752292f0e173b5178e320aa8d918bb720568f9d21baf3ed4a911

SHA512
88e3caa6a2a2e8d3acf889641463db22fb22b489a2d38657b05af8c05410fb7a36f017ed4b3c8b30fc2021c7c4fba95b50a49cd90f8cef228dda2b4dc9929eee

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1012.jpg

Filesize
28KB

MD5
cce0659ffada9b3f0cffca5863e59da7

SHA1
d077016b30f3b80769f5be1988960a9bd9157452

SHA256
1b7ff5b674355d4254741d83263c12c1e22c07895157a4cedf0660c62b0a076e

SHA512
a4e53f77639b7100500a2bffc5d23bfe508162670986564a7b65283db5da30946d69768c39a943124b6e0edd91cb2a92228a8fb6bdacf417f873da3ef3753d9b

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1013.jpg

Filesize
29KB

MD5
c9fd95796e9c087c78a0061e9593d02b

SHA1
4f0bbc1949192e3dd020a4f653de695f68b7026f

SHA256
f56405c2d763a06103d25881293d976b42b6ba27b0ae11d6de1956f6dc059a2e

SHA512
b8b49178029440b0218a46ba1acb9d5ff6543fd1393e6771222de3a57b60693565179cd0b5f081ec6d508bc17afc396c2abef4eea8e9bf5cd73d00502d8a6f3f

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1014.jpg

Filesize
17KB

MD5
7cdf5cc1db5fc777028ad1fe544a003f

SHA1
6c4e618c20db6128cf298fd4462003d22e26d072

SHA256
b85ae74bea5b5ba804267f435612478484ce74ce1277c22083916766e7fd7cde

SHA512
8df0fd44e15f1bfc53786b043eb2ada42088962d39e26256f211d344517264011a3d2e4db6b913f9397c4e4102b75128010998e20ed7c7f5d5b4cac57a9a274b

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1015.jpg

Filesize
48KB

MD5
764729d22ed6339a790d45c7c4cc9ba3

SHA1
5a2851436439b6edc13a8a59ce7f87054ca75dc8

SHA256
300a7a882270e665dd10e6fd2571ccfb87ae09235d726eb5497c3530410d2dbf

SHA512
149e308e08264f52d04a360c6bc9e477126d256d076edd2e8ac8086d295a60f93140a6740d035960a16301d553f201f35d7b3dcacbf123fa90bc91ddcb1a0041

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1016.jpg

Filesize
37KB

MD5
e709d0c19efb126487e6cef937dc7518

SHA1
8a9e07cfa4b3801edc9a1e3d60c255ebcf6faebd

SHA256
864ab71bfe76ccae092d6c7af4cb83a9eef19627f47942a290799f9a24d5f60e

SHA512
d5c45559b43ef10c5133e7cb0287ef51f5aeb02ee0b55b7e9c44e3dde2b8a806620296988ae11113857dea741dfde6f3cd49bd4b6909219668425921c1728cc5

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1017.jpg

Filesize
29KB

MD5
a052f93a7c01fc45a1655f84614fdb29

SHA1
d52ad9dd992ea87777f9869da614afe4fc16d04e

SHA256
59e2e7bb2a6b311c9ef8cdbd198ab6245e9720d7032c89886dedf225b0fbf76b

SHA512
0051c34f82541845b8614c3b23bd35168733d7f73f63d64c4baef975fa17160fee6dbbb0745800d33a177f36c3209d96e2b9460051da2d309c6fec03c350c805

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1018.jpg

Filesize
26KB

MD5
8fbfe7e46314d677d22001b5cc3bf84e

SHA1
a3fa3f1854c263e39ca14e560c3daf5553535393

SHA256
a029e2a90048aba801b22420b7b2bb261dfe83361681d96ea73708948cb594e2

SHA512
f8bfb623f8f1929051835f8e30205d4c5b94c1e90f4a3e8ca1c655242e246ad88732bd7924cf9b50e7e4fde985c76e7233d7669c6929bf5d792ab6f44aa2fb5a

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1019.jpg

Filesize
21KB

MD5
b1751a712948b3a543b4508f5dca8906

SHA1
2e7dc7c1d275901293db831bb00eef1a48ee514e

SHA256
1b77a946c79e462587a4483685b563a36d192b4a8cb6041baa8191c8efc5d5cf

SHA512
5712f5db19c7893ea80af4094eed91969fee6ab618e14d52ce64bd5c89122371ebc607a9c2251436843bf0a0441a8070c064a9b6a13e3790e2a4560918c6680b

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1020.jpg

Filesize
26KB

MD5
1e33b5d46bc6687c40db6e9a501a84db

SHA1
517fcbfb6030b74e873a1f238604c21f15d1ea48

SHA256
aec646b96d8e1e4e37e969064f8d8a8496fb54736729efca11608ad2c66d4b7e

SHA512
c5145e04a74c08ab520b19e8164e9784584d85be4d73ff58c0c5dd4782311b72e86f58765b7b44aeb7bf96376c7f430c4b2efb26957ed75574d34b9bb2687972

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1021.jpg

Filesize
27KB

MD5
6acadb1f309c730bfbaba5127afbe470

SHA1
e4ce8a1ffeaa0e647d266bc619e127056be0a2ee

SHA256
a0285e984ef38238f5a12f5be235197e621396835c239b96fa607e91b035809d

SHA512
5b6d390d927e6726071f904b49553e6fa57120638253d86aa342d332ab20c6b3be4859f3558b243ed3c32069ac5acab9a5e95cb4871bdcd91caa6a31c0089c9d

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1022.jpg

Filesize
46KB

MD5
000fe4f793c1fdd5c2cb8a82b8b8fb78

SHA1
06dfada89ffdbca26ad9cfd0a566d00fa42577e1

SHA256
ea238840cea602b7a6523d75df89b4a486b06f8f83bed03b825d5e7bc1e72b34

SHA512
b2986791094d577418efa2abda46333fdb3ecfa83aac4ffb81b7ef470d9fcadacfe394272b4afc3f46c12c05720a22b817645f9deb44ac85576e1aec546c15d6

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1023.jpg

Filesize
40KB

MD5
6b6383f708170b28b0be54eae82b891f

SHA1
97c7d1a6642f4ef157b498818c000f646951b18f

SHA256
61dd1fa43c177946ea04ddc4ed4f52c78468372b7aad8faaa851e79388b72687

SHA512
b702f32d234695806bae95943a3b571d0cae083873fb9d15a0fed6b8c2d882f84519e99d61ec7c8ea3af344427d54f699c709b63a3b95147abcf3178da39bee2

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1024.jpg

Filesize
45KB

MD5
7120924530d41b47cc798b806dcc577a

SHA1
501d5f3b124f468a3cac62a8f99667c5dc51862e

SHA256
78be91512f2334eb773a92a7717ae2c50c2bca480ba6f6077df97e560e3cc1e6

SHA512
5df16a12748deeb57da4e0c614ffd9794fa420ad5d690bfac7be76e0d2a273fbec54ea48f8be070a56aafd550ea3a75fd8fde448cf4a990e63b1d11aaca6c6c9

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1025.jpg

Filesize
24KB

MD5
77effc2086ad9ac88579f66790790302

SHA1
93c32ab044ee0efcdc4dd11d8cf63253cd1aa7e4

SHA256
5298cae8d38827409040ac8aba77d5f3fa5a6b7b7d1e11434694c8f5f0f24858

SHA512
16af9478689dade9c246c22dd478b5a88b42f4ce0102470d2556fec8933a0c6b5b3161abe263dea7e507e5fed506b1a8d5d09d726ca1bc4dc6d794a56d06e9e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1026.jpg

Filesize
39KB

MD5
5a06dae5dc562af185f5775e9981fc4e

SHA1
634249ba36370219933263814767c29066598a0c

SHA256
371ae415b3d7dde68b4b38b6324791d7c1febf4241a4b2b66f30b3bfa8cbd578

SHA512
afaac37cc730edf933df9de46852d61a161f74bd5483d62a2e90276192f98431cce0594c6cd68c4a4f2a3f35d37b2b9afd3d502dfa58b95c203bbd415c14ff9b

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1027.jpg

Filesize
41KB

MD5
acac3743aae1ba4f720ea8ab3034941b

SHA1
97d7bc81186b7ca778b500697e16861b04a54c5b

SHA256
70803780f242f10c4d03980e9c98a291141fd796d595eb62f3be30906de8b1c1

SHA512
672a4a9ec71a795626060ebc8e23e4ae98ca5572fc28487ce1a06604d3ebfe634e2c153c29853b740d657171263ae09ff74305df3865791ab9a8c334a9b3052d

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1028.jpg

Filesize
51KB

MD5
ba6bf926085086a9b6749012b2c8b575

SHA1
c80450d7e2fdcd60bb7000d66bc1b0bd8842e025

SHA256
f0e03b7698cbc5ddb1f0b24dc065eca4e50fe67fc94439ba04db257304b62427

SHA512
e9e40a0a627b30e976f0b52022b3347c28fe26b3d5aecc237faa768891d5e29234d2160b8e4c52be0bd09ba1d52eb93ad3c866b3b958ace0a68ab6f9d1a449c5

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.P1029.jpg

Filesize
47KB

MD5
d5be7c53a43e030ba2cc29065eafe652

SHA1
3abfbd0baa0cbd3db14c46159d7e55c867b32817

SHA256
5dec75f7d58307c213df3bb6f7d2b1b7483ed8a779e062214aaf8a632cd2f1ff

SHA512
a3b87183f97baca4a64e5e09d6d9e3656a4d5ed87c2a16042fecd03ad359f66e00e0bc054a12641380a001059d5e2addb0db019ed5c8a4911f57e595c9ad8865

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.stub.exe

Filesize
300KB

MD5
15541ed047cb1d2fb13a49a33cf93251

SHA1
f8393727b3a34dbb98c2e23b123d6c4a63195232

SHA256
f9655aec41a4b4e12314a8b9fd02bbc57b4fc0a5607ca8e1e90f5b05aef1bcf1

SHA512
378099302a9c9057c03064df2cc386877edac46885f5d0950547ee7b99793f2b37cd45c098291cf601ac2b51132d9ff854c7ac7f3a791dc4adb45637ea701839

Download Submit
C:\Users\Admin\AppData\Local\Temp\ROX54A8.tmp.stub.ini

Filesize
3KB

MD5
5888b9d23624d7fcab6bf3265c9a8ea9

SHA1
eff4d6ddd60b0a4515b5966c2fdfeb80563a2833

SHA256
70d253a88f05ee9fc252885158ba880861863d042e836f3568f5b26c2ee8675d

SHA512
9c4bec5778b9257cce58fbeac4035fc8f718b0d844d240cd9f7eec5dd6e0d98bcf19bf274baa1285f2321f1207cf4e8a86f690b0bb3690629a77551a19a23fea

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads