Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    28-06-2024 04:09

General

  • Target

    18ba38c473239322efddf43081fab2d2_JaffaCakes118.exe

  • Size

    131KB

  • MD5

    18ba38c473239322efddf43081fab2d2

  • SHA1

    bd4102884b415bd6d79606f856dd888ee7a1533a

  • SHA256

    4ac75a69d5474ae4e58c9d5fab1c09f9cf0d42b2235c13d152e8801f78929479

  • SHA512

    d79b6da6ac3f3f332b01ff77c1083b3571fe49f5477987c86a7f84ffbdbcef2e6a259b97ea6c3ed894b92d6935eac71caa9b6cf04a5582601fe9b8446f0657da

  • SSDEEP

    1536:BL+O/U7OBmKGS6CBK0t/ZCXPGuxgDM5YKBGNc/xf6KWcs8+SUkIcekqY1o/uImzO:BLxUyjp3xCTyDMsUWyw+Ubx7N7

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Uses Tor communications 1 TTPs

    Malware can proxy its traffic through Tor for more anonymity.

Processes

  • C:\Users\Admin\AppData\Local\Temp\18ba38c473239322efddf43081fab2d2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\18ba38c473239322efddf43081fab2d2_JaffaCakes118.exe"
    • Adds Run key to start application
    PID:3096

Network

MITRE ATT&CK Enterprise v15
