Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:32

General

  • Target

    a4711b4cb8086b31413fa065c79a424d_JaffaCakes118.exe

  • Size

    49KB

  • MD5

    a4711b4cb8086b31413fa065c79a424d

  • SHA1

    fa0741f0b776496451383d0aa673247cda74f993

  • SHA256

    8f75100bdd9049c1438239b5c4157db194a5757dce49f0a3395414fcf991d5ca

  • SHA512

    1c8c8226546fbace9aa189086b28e20324be6d06080267d21494044df92e69d120269467ef4053146c132d7afd9b150616bc33179a2885ba78f0213cdb4184db

  • SSDEEP

    768:KMGnYmtcLDs/saQRy7rnzrKHgccoGv8uS08p44vGmjXO3XJC1Mm9B3oHXF045rCM:aoLDYsacy7mHMowHjXJC1MZF0uryiky

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4711b4cb8086b31413fa065c79a424d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a4711b4cb8086b31413fa065c79a424d_JaffaCakes118.exe"
    • Loads dropped DLL
    PID:2548

Network

MITRE ATT&CK Enterprise v15

Downloads

  • \Users\Admin\AppData\Local\Temp\nsoDE8.tmp\nsWeb.dll

    Filesize

    8KB

    MD5

    84bcf3c71e70d5a6e9dc07d70466bdc3

    SHA1

    31603a1afc2d767a3392d363ff61533beaa25359

    SHA256

    7d4da7469d00e98f863b78caece3f2b753e26d7ce0ca9916c0802c35d7d22bcf

    SHA512

    61aefa3c22d2f66053f568a4cc3a5fc1cf9deb514213b550e5182edcecd88fadf0cb78e7a593e6d4b7261ed1238e7693f1d38170c84a68baf4943c3b9584d48e