Malware Analysis Report

2025-04-14 03:49

Sample ID 240612-xc25eavhra
Target a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118
SHA256 df81918219c0d876cd49f0aed2492f1d14eee6414c49a60654a99c0360ce3557
Tags
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

SHA256

df81918219c0d876cd49f0aed2492f1d14eee6414c49a60654a99c0360ce3557

Threat Level: Likely benign

The file a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118 was found to be: Likely benign.

Malicious Activity Summary


Drops file in Windows directory

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-12 18:43

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 18:43

Reported

2024-06-12 18:45

Platform

win7-20231129-en

Max time kernel

121s

Max time network

123s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe"

Signatures

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\driv64.exe C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe"

Network

N/A

Files

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

MD5 a1cd3d7f21ff4d09a6eda414ec5c6d6e
SHA1 187739375949fdcd42c83422c7276fa111abf5d6
SHA256 df81918219c0d876cd49f0aed2492f1d14eee6414c49a60654a99c0360ce3557
SHA512 fb3e098645d199bda2e1f57ed55a99850967844b7d136842eddaf9d75d4535f36fae49055e086f0c066d4b93a229f7be6be7ecbaf6f24f42348060057f931934

memory/3044-101-0x0000000000400000-0x0000000000425000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-12 18:43

Reported

2024-06-12 18:45

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

51s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe"

Signatures

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\driv64.exe C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\a1cd3d7f21ff4d09a6eda414ec5c6d6e_JaffaCakes118.exe"

Network

Files

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

MD5 a1cd3d7f21ff4d09a6eda414ec5c6d6e
SHA1 187739375949fdcd42c83422c7276fa111abf5d6
SHA256 df81918219c0d876cd49f0aed2492f1d14eee6414c49a60654a99c0360ce3557
SHA512 fb3e098645d199bda2e1f57ed55a99850967844b7d136842eddaf9d75d4535f36fae49055e086f0c066d4b93a229f7be6be7ecbaf6f24f42348060057f931934

memory/1944-101-0x0000000000400000-0x0000000000425000-memory.dmp