Analysis Overview
SHA256
1dcba36a414f7316cfe7981dc4d38ffe85da13821808a04590d10f9b47af8f9c
Threat Level: Likely benign
The file a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
Enumerates physical storage devices
Enumerates system info in registry
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 13:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 13:16
Reported
2024-06-13 13:19
Platform
win7-20240220-en
Max time kernel
120s
Max time network
121s
Command Line
Signatures
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardProduct | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | arcadegiant.com | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 13:16
Reported
2024-06-13 13:19
Platform
win10v2004-20240508-en
Max time kernel
51s
Max time network
52s
Command Line
Signatures
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardProduct | C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\a5bc384c06f98f3ea82bc65923bee881_JaffaCakes118.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | arcadegiant.com | udp |
| US | 8.8.8.8:53 | arcadegiant.com | udp |