Analysis

  • max time kernel
    138s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    20-06-2024 13:27

General

  • Target

    0669a0fca784e0b59cfd0502d9dddf79_JaffaCakes118.exe

  • Size

    24KB

  • MD5

    0669a0fca784e0b59cfd0502d9dddf79

  • SHA1

    4178a4681c152a46b5361d15ab30de0528ef8387

  • SHA256

    28f2f1283c4194bb1f34b9a863af311f122dfe60a36dd8a329820af7f4d6693b

  • SHA512

    9aa25879d05f43bc990b5d107b38eebe5f3611a7a3fed5c67bd7e2774af867f093a034c7eb632b0db896d231991a2bb6d90f96a4d192ebc0c86b95cc25ddf01a

  • SSDEEP

    384:0GMY/VUGAL1wmPzZkReCgteenvb1B3Z4F:mY9UzpwmPi4Cg5JZZ4

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0669a0fca784e0b59cfd0502d9dddf79_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0669a0fca784e0b59cfd0502d9dddf79_JaffaCakes118.exe"
    • Writes to the Master Boot Record (MBR)
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4592

Network

MITRE ATT&CK Enterprise v15
