Analysis
max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240419-en
resource tags
arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
submitted
26/06/2024, 15:01
Behavioral task
behavioral1
Sample
1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe
Size
11.7MB
MD5
1263d2b17af917e0cafc16054004eac3
SHA1
1fdbdebb1fa92102fd8abc2648030a0027cbcef3
SHA256
588648051c60c353b5541b78d13a94a09802d3d332cf5aaf57b4aaf5c02559fa
SHA512
a54ee8a30ad306c0aea963ed09a4598100b3803af7fa09e011b65e255ca8e6cf1b3a1f7796c50c5461b890502c2e101bb6b11174612497c51549169c0aa46ac1
SSDEEP
196608:a+eIunHm269onJ5hrZERdW3q+09iq2pPeAyiU8AdZYJERBrTWjnDNhdHqb6R6A:VunG269c5hlERblh2pvAdZYyDrynDNp
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
pid | Process
1692 | 1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2432 wrote to memory of 1692 | 2432 | 1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe | 28
PID 2432 wrote to memory of 1692 | 2432 | 1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe | 28
PID 2432 wrote to memory of 1692 | 2432 | 1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe | 28
Processes
C:\Users\Admin\AppData\Local\Temp\1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe"
- Suspicious use of WriteProcessMemory
PID:2432
    C:\Users\Admin\AppData\Local\Temp\1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1263d2b17af917e0cafc16054004eac3_JaffaCakes118.exe"
    - Loads dropped DLL
    PID:1692
Downloads
Filesize
4.3MB
MD5
11c051f93c922d6b6b4829772f27a5be
SHA1
42fbdf3403a4bc3d46d348ca37a9f835e073d440
SHA256
0eabf135bb9492e561bbbc5602a933623c9e461aceaf6eb1ceced635e363cd5c
SHA512
1cdec23486cffcb91098a8b2c3f1262d6703946acf52aa2fe701964fb228d1411d9b6683bd54527860e10affc0e3d3de92a6ecf2c6c8465e9c8b9a7304e2a4a6