Overview

overview

3

Static

static

3

0d7a07afac...18.exe

windows7-x64

1

0d7a07afac...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 09:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0d7a07afac40834b5ffabbdf05fc7778_JaffaCakes118.exe

  • Size

    91KB

  • MD5

    0d7a07afac40834b5ffabbdf05fc7778

  • SHA1

    ff09e7caf0f385bdc1b1b397b056ca6156cb8fb7

  • SHA256

    f3d1c46db5266dc237deeac9c18ab68671b811b706182fa412f03db050c36bc9

  • SHA512

    c82327a4ccbdd6326835711e852ac19235bb4e8c49f105a37f4aa9310bc8916e40f9fe6d4a9b9f1b089f3a52d06342658203b061cd62b15ad984c789939b1c3f

  • SSDEEP

    1536:EGwtRxOBJyypgmDjVwCfIAIYfGJmIMWtEMfgjtEFC:NwtRonyypexoiNtxYGC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d7a07afac40834b5ffabbdf05fc7778_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0d7a07afac40834b5ffabbdf05fc7778_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of AdjustPrivilegeToken
    PID:1868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads