Analysis Overview
SHA256
d0584e0b3049d7803a01d22b6f6d54a0825fc0e11560d3c3f26a571c9768dd92
Threat Level: Shows suspicious behavior
The file 034d89ba882cd9fe76697e4e4f227d16_JaffaCakes118 was found to show suspicious behavior.
Malicious Activity Summary
ASPack v2.12-2.42
Unsigned PE
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-23 22:45
Signatures
ASPack v2.12-2.42
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-23 22:45
Reported
2024-06-23 22:48
Platform
win7-20231129-en
Max time kernel
140s
Max time network
121s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\034d89ba882cd9fe76697e4e4f227d16_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\034d89ba882cd9fe76697e4e4f227d16_JaffaCakes118.exe"
Network
Files
memory/2356-0-0x00000000003D0000-0x00000000003D1000-memory.dmp
C:\Users\Admin\AppData\Roaming\deskDOC DWG to PDF Professional\system.dat
| MD5 | 4c6739101353a9f38ce1ff3d3b527428 |
| SHA1 | 61aee30d19203a414d2cdefbf13d8409b8d9d784 |
| SHA256 | 7973e9e72f4ece6eb68510514b5c5dcd6520536e9688c7c1570035ffc4937a32 |
| SHA512 | 28c7bea658072b77e5e1b12210c23ef135540c8ede9524410867abec399a721fe5309e97ed99765f02a19f1e607bdb573397cb6c43a343a1b9d823c58b44d452 |
memory/2356-298-0x0000000000400000-0x0000000000628000-memory.dmp
memory/2356-300-0x00000000003D0000-0x00000000003D1000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-23 22:45
Reported
2024-06-23 22:48
Platform
win10v2004-20240508-en
Max time kernel
140s
Max time network
52s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\034d89ba882cd9fe76697e4e4f227d16_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\034d89ba882cd9fe76697e4e4f227d16_JaffaCakes118.exe"
Network
Files
memory/4572-0-0x00000000024B0000-0x00000000024B1000-memory.dmp
C:\Users\Admin\AppData\Roaming\deskDOC DWG to PDF Professional\system.dat
| MD5 | 6e717a5628dc142f8d14ac5a685f0b32 |
| SHA1 | b4cf7b6993560de8dfa191276bcaf1f11b9a5464 |
| SHA256 | 1d05728b4ccdbf1e3fa0ec09f278903859adf443b1457d06898f4342eeda39d3 |
| SHA512 | 44173b019ea9000db8363e64df4ee4a8b65de02a8ea1b17f48c920392a74bdb316d5f4d82301b24300026a066a32f48551128139fd0efc980d23849726944be4 |
C:\Users\Admin\AppData\Roaming\deskDOC DWG to PDF Professional\system.dat
| MD5 | 05235ea2a94b53a25a58303edfdc6647 |
| SHA1 | b84573024205812f1f55a72f42b3f7e6570ed00c |
| SHA256 | 9bfab4cff867c268ec2c9024fdb455b2614cbaa971be0a436aa3f8fe26799df8 |
| SHA512 | 95c294a3710d7822248b8667e264a1eaa23c90f0b53db6248b310048f21f235faebee9c6f54fccc220cf04d6301acb53897fb212b96b23a8d565af1f43196400 |
memory/4572-298-0x0000000000400000-0x0000000000628000-memory.dmp
memory/4572-300-0x00000000024B0000-0x00000000024B1000-memory.dmp