Analysis
max time kernel: 149s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 16-06-2024 00:07
Behavioral task: behavioral1
Sample: b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe
Resource: win7-20240611-en
1 signatures
150 seconds
General
Target: b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe
Size: 8.7MB
MD5: b0d11de4f9e04fd57e346a1d8c599090
SHA1: 293361ac9b6544edd4d3dcc24f37e45f74dc917a
SHA256: 70ac963c22dc66f78d596c220d4af4ce2ee8d7a8c3c84f785df19c42f4e4205b
SHA512: e2966105329d706492e1242cbbccd284de8dee6f773bcbb8d703c339f13ea95019e853dfd9beca13c617428ed9c9f9394e6833667b4c200649b46ac312521c26
SSDEEP: 98304:1+/mUSk7lZ7biAZK82ueGqnhA+D6gLlJV5mEkAn1dJIek1ledy87cRb+uSlYd1qF:AuG7btuueGfAnbJPk1leCQuSAqF
Malware Config
Signatures
-
Processes:
resource: behavioral2/memory/4072-1-0x0000000000400000-0x0000000000CAC000-memory.dmp
yara_rule: cryptone
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe
pid   process
4072  b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe
4072  b0d11de4f9e04fd57e346a1d8c599090_JaffaCakes118.exe