23da45e25736bec91cc84a3ecabfbf1a01d9d34bb1b7359bd83da807131e6625

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
28-06-2024 10:14

Target

19c0fe34101b7ae659fa0fd443b1f960_JaffaCakes118.exe
Size

28KB
MD5

19c0fe34101b7ae659fa0fd443b1f960
SHA1

431d78081be6424a635e952dff1b84f6449e9736
SHA256

23da45e25736bec91cc84a3ecabfbf1a01d9d34bb1b7359bd83da807131e6625
SHA512

cd02c10d99683e43ca89bb60abdc8a06cd486b97109d611950c27c600f711041a4d168de3d4007f185c36d037a28a91914d6cc388c4272930f507f82f443ef22
SSDEEP

384:BHrNCDbQSmiUCZRImGNHwoJllp15Mr8KgxM:mxmifRIm85JllX5MQKgxM

Score

3^/10

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2080	19c0fe34101b7ae659fa0fd443b1f960_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\19c0fe34101b7ae659fa0fd443b1f960_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\19c0fe34101b7ae659fa0fd443b1f960_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2080

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact