Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    20/06/2024, 06:03

General

  • Target

    03774c606a117afa04f587233f9a5dc1_JaffaCakes118.exe

  • Size

    1.1MB

  • MD5

    03774c606a117afa04f587233f9a5dc1

  • SHA1

    cd0548bc448ee53140e4e23dd03e2e616ed7041c

  • SHA256

    4187d0ec2cee732428e21d5cf7aa413a63bbf6ef2953f3d3871890bc57a61ef4

  • SHA512

    2122daefa5b094f948ba3bd6917b072484a13d4a59d8d268b1b59f50f965b10142d8a1582274c2d27ef12ea67d64d0c62b3e637435c54c67b1af365e63e707ee

  • SSDEEP

    12288:CX6YxW1ADE2De8ZT5riMiQQewSSjE/49saV/i4ivdKSVc0B4kjoD4jaEoLDlAgOi:Vy/VDRZT52MwopoLpivZ5vGTNAHA+xj

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 58 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\03774c606a117afa04f587233f9a5dc1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\03774c606a117afa04f587233f9a5dc1_JaffaCakes118.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:3800

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3800-0-0x00000000021A0000-0x00000000021A1000-memory.dmp

    Filesize

    4KB

  • memory/3800-1-0x0000000000400000-0x000000000052C000-memory.dmp

    Filesize

    1.2MB

  • memory/3800-3-0x00000000021A0000-0x00000000021A1000-memory.dmp

    Filesize

    4KB