Analysis
max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted
14/06/2024, 01:14
Static task
static1
Behavioral task
behavioral1
Sample
a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Resource
win10v2004-20240508-en
2 signatures
150 seconds
General
Target
a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Size
493KB
MD5
a77b8ef753ec31d2ad691595d525684b
SHA1
428b076cf1dd3f75e0e51692c439e8134ae23e8f
SHA256
f3e5e223f133fbda02c9fc7535f252e0b7c7e64b287ef72538a04c90274bafa5
SHA512
e9a93f052d5fa33f8d6c96d27db72541b84a37596edd9ded381e9f45f3d06cc590df866f9666f8d38cb8b6cbad8c56ff570e104c44aa7b67921b03eb855acd09
SSDEEP
6144:t0KQ71SVTh/5O/1qRSfpLEQU2tPNb8E3cC61JC+KZ3mL4uIm31ittVp+aZx0H:tBQ7oJ5O/1AA432BFb3cCgQZVuIGiUH
Score
1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken 4 IoCs
description | pid | Process
Token: SeSecurityPrivilege | 2524 | a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Token: SeSecurityPrivilege | 2524 | a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Token: SeSecurityPrivilege | 2524 | a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Token: SeBackupPrivilege | 2524 | a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx 1 IoCs
pid | Process
2524 | a77b8ef753ec31d2ad691595d525684b_JaffaCakes118.exe