d3ad8e44bb4f4e61366699006364b9d7d01beeee887b587a013bda311dc54ab1

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
20/06/2024, 02:33 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

021202160634402dc6fc75ca97879127_JaffaCakes118.exe
Size

635KB
MD5

021202160634402dc6fc75ca97879127
SHA1

224e05ebf524bd7f22260a971c0c319ff310f43b
SHA256

d3ad8e44bb4f4e61366699006364b9d7d01beeee887b587a013bda311dc54ab1
SHA512

ba66ad3fbe38406d628c07e71e3a426e4fde60b855f63d109e2e881ddb5f7f3899f5f8fbae305dcf140ad38ed4e9e5b1bca7be3acb27d7730e86469a3e208b5d
SSDEEP

12288:tIbPsXD/YIYkaJou7JYOoujbeWADdAq08rWrDUj8pSC:tesXD/YIYkaJogJYOBbeWADdAqfWrDUM

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
3068	021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3068	021202160634402dc6fc75ca97879127_JaffaCakes118.exe
3068	021202160634402dc6fc75ca97879127_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\021202160634402dc6fc75ca97879127_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\021202160634402dc6fc75ca97879127_JaffaCakes118.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:3068

Network

DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

install2.optimum-installer.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

install2.optimum-installer.com

IN A
DNS

install2.optimum-installer.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

install2.optimum-installer.com

IN A
DNS

install2.optimum-installer.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

install2.optimum-installer.com

IN A
DNS

install2.optimum-installer.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

install2.optimum-installer.com

IN A
DNS

install2.optimum-installer.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

install2.optimum-installer.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A
DNS

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

IN A

No results found

8.8.8.8:53

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

dns

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

510 B
5

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com
8.8.8.8:53

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

dns

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

510 B
5

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com
8.8.8.8:53

install2.optimum-installer.com

dns

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

380 B
5

DNS Request

install2.optimum-installer.com

DNS Request

install2.optimum-installer.com

DNS Request

install2.optimum-installer.com

DNS Request

install2.optimum-installer.com

DNS Request

install2.optimum-installer.com
8.8.8.8:53

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

dns

021202160634402dc6fc75ca97879127_JaffaCakes118.exe

510 B
5

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

DNS Request

impressions-proxy-1085035873.us-east-1.elb.amazonaws.com

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.