2031d4782be55faff911e74cccbe458a48fb9ea0b3730ee8578c82b074ae4d54

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
16/06/2024, 21:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.exe
Size

367KB
MD5

b54982f91abbe2a3fc1cc3d2bb22fafd
SHA1

44d71ddcb654635f207a64ef7a0a908982108f45
SHA256

2031d4782be55faff911e74cccbe458a48fb9ea0b3730ee8578c82b074ae4d54
SHA512

6e90b18eae7f58b099c8b6bf104b970408713f7b3ec58d874ecf674fb57e92e8ce0bba765574877c223dcd56f8373337c813f4ef5c1ac0ff5dc88b7495a6b513
SSDEEP

6144:Ur54eFx/+U36kt5ww4c527nT6Bhahxu8rVeX1K+XKR1d+YKaTX3lkOXMR+e+eGCN:UrpF8WZwwh+6/ahxRrVeX13XdzE5xHNw

Score

7^/10

Malware Config

Signatures

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.lnk	b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.exe

Loads dropped DLL 1 IoCs

pid	Process
2184	b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.exe"
1⤵
- Drops startup file
- Loads dropped DLL
PID:2184

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

\ProgramData\{6f52cc28-78da-733b-6f52-2cc2878d30a1}\b54982f91abbe2a3fc1cc3d2bb22fafd_JaffaCakes118.exe

Filesize
367KB

MD5
b54982f91abbe2a3fc1cc3d2bb22fafd

SHA1
44d71ddcb654635f207a64ef7a0a908982108f45

SHA256
2031d4782be55faff911e74cccbe458a48fb9ea0b3730ee8578c82b074ae4d54

SHA512
6e90b18eae7f58b099c8b6bf104b970408713f7b3ec58d874ecf674fb57e92e8ce0bba765574877c223dcd56f8373337c813f4ef5c1ac0ff5dc88b7495a6b513

Download Submit
memory/2184-8-0x00000000001F0000-0x00000000001F1000-memory.dmp

Filesize
4KB

Download
memory/2184-23-0x0000000000300000-0x0000000000301000-memory.dmp

Filesize
4KB

Download
memory/2184-2-0x0000000000080000-0x0000000000081000-memory.dmp

Filesize
4KB

Download
memory/2184-18-0x00000000002B0000-0x00000000002DC000-memory.dmp

Filesize
176KB

Download
memory/2184-17-0x00000000002F0000-0x00000000002F1000-memory.dmp

Filesize
4KB

Download
memory/2184-16-0x00000000002E0000-0x00000000002E1000-memory.dmp

Filesize
4KB

Download
memory/2184-15-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/2184-14-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/2184-13-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/2184-12-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/2184-11-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/2184-10-0x0000000000210000-0x0000000000211000-memory.dmp

Filesize
4KB

Download
memory/2184-9-0x0000000000200000-0x0000000000201000-memory.dmp

Filesize
4KB

Download
memory/2184-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2184-3-0x00000000000C0000-0x00000000000C1000-memory.dmp

Filesize
4KB

Download
memory/2184-5-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/2184-7-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2184-4-0x00000000000D0000-0x00000000000D1000-memory.dmp

Filesize
4KB

Download
memory/2184-24-0x00000000003A0000-0x00000000003A1000-memory.dmp

Filesize
4KB

Download
memory/2184-6-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2184-22-0x00000000001E0000-0x00000000001E2000-memory.dmp

Filesize
8KB

Download
memory/2184-29-0x00000000003B0000-0x00000000003B1000-memory.dmp

Filesize
4KB

Download
memory/2184-34-0x0000000002160000-0x0000000002161000-memory.dmp

Filesize
4KB

Download
memory/2184-33-0x0000000000810000-0x0000000000811000-memory.dmp

Filesize
4KB

Download
memory/2184-32-0x0000000000800000-0x0000000000801000-memory.dmp

Filesize
4KB

Download
memory/2184-31-0x00000000007B0000-0x00000000007B1000-memory.dmp

Filesize
4KB

Download
memory/2184-30-0x00000000007A0000-0x00000000007A1000-memory.dmp

Filesize
4KB

Download
memory/2184-28-0x0000000000390000-0x0000000000391000-memory.dmp

Filesize
4KB

Download
memory/2184-1-0x0000000000030000-0x0000000000032000-memory.dmp

Filesize
8KB

Download