Overview

overview

7

Static

static

1

ae6374531e...18.exe

windows7-x64

7

ae6374531e...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    94s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/06/2024, 12:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ae6374531ed10600eea4d7ac88b02afc_JaffaCakes118.exe

  • Size

    2.0MB

  • MD5

    ae6374531ed10600eea4d7ac88b02afc

  • SHA1

    da868a6ff6f6776acb936c186c7fe8471bbca38b

  • SHA256

    a474cba06862933578a2842c14cf6d8be028c170cab9bf3c1e29b7864c08f734

  • SHA512

    f42204a6d0e7dfcb02d9cc5d7772ac8c752d998ab62d09c5417bd577dd185787d616020a6bb895428a12bd1dc4a82e251487b1cbc83a4eaed93388d265e93ff7

  • SSDEEP

    6144:l2rnd2jYsTTXW1BcZ15koJ87B/WqFiCLHS46ejlJdNfj1B/C4T8I+wlEgn4yKB8M:orFpykoJ89WqrTZ3BZv5n47B8M

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\ae6374531ed10600eea4d7ac88b02afc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ae6374531ed10600eea4d7ac88b02afc_JaffaCakes118.exe"
    1⤵
    • Drops startup file
    • Drops file in Windows directory
    PID:2588

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2588-0-0x00000000008D0000-0x00000000008D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-2-0x0000000000C50000-0x0000000000C51000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-7-0x0000000000CB0000-0x0000000000CB1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-3-0x0000000000C60000-0x0000000000C61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-6-0x0000000000CA0000-0x0000000000CA1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-5-0x0000000000C90000-0x0000000000C91000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-4-0x0000000000C80000-0x0000000000C81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-1-0x0000000000C40000-0x0000000000C41000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-9-0x0000000000D10000-0x0000000000D11000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-11-0x0000000001310000-0x0000000001311000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-10-0x0000000000D20000-0x0000000000D21000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-8-0x0000000000CF0000-0x0000000000CF1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-13-0x0000000001330000-0x0000000001331000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-21-0x00000000013F0000-0x00000000013F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-20-0x00000000013E0000-0x00000000013E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-19-0x00000000013D0000-0x00000000013D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-18-0x00000000013C0000-0x00000000013C1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-17-0x00000000013B0000-0x00000000013B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-16-0x00000000013A0000-0x00000000013A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-15-0x0000000001390000-0x0000000001391000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-14-0x0000000001380000-0x0000000001381000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-12-0x0000000001320000-0x0000000001321000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-22-0x0000000001430000-0x0000000001431000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-24-0x0000000001400000-0x000000000142F000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2588-32-0x0000000001370000-0x0000000001371000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-31-0x0000000001360000-0x0000000001361000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-30-0x0000000001350000-0x0000000001351000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-29-0x0000000001340000-0x0000000001341000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-28-0x00000000048B0000-0x00000000048B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-27-0x00000000048A0000-0x00000000048A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2588-35-0x0000000003CB0000-0x0000000003CB1000-memory.dmp

          Filesize

          4KB

          Download