Analysis
-
max time kernel
140s -
max time network
56s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system -
submitted
13/06/2024, 00:19
Static task
static1
Behavioral task
behavioral1
Sample
a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
-
Size
4.2MB
-
MD5
a31c7ac1d7d255d252963d58189b225a
-
SHA1
e77493df404c629c8d5aea4df32ea3d3da566ecc
-
SHA256
129dbfd7965d1c39f4d724d85f5beb36e5ab9f1c32234d3af4be905bd6278adb
-
SHA512
632a847fe2fcb104e7adf69d9d44d3d39231ee95d44b21922aed7f08d19f7673a4d83e7d7b2036dccc4d2821a71856fbe1b0c0652c7ba20c807e21c48368d625
-
SSDEEP
98304:eh7lpe9VT3xWC7cusXJNwBewxnvjo5qcoZLPhHMUZNp:of+VFW4MWB/i5qcoZLps8p
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Software\Microsoft\Internet Explorer\IESettingSync | a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
Set value (int) | \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" | a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
Key created | \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
Set value (str) | \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
-
Suspicious use of SetWindowsHookEx 2 IoCs
pid | Process
2492 | a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe
2492 | a31c7ac1d7d255d252963d58189b225a_JaffaCakes118.exe