9db68472e4297ccff986cdbc3a2e6a8bce68cbb86bcf8c246f15360e07632b00

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 11:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

19e4a3c624b543cf8e142c125d189a9e_JaffaCakes118.exe
Size

164KB
MD5

19e4a3c624b543cf8e142c125d189a9e
SHA1

35204e9eccef69ec3e9da0ff7001395adad8a445
SHA256

9db68472e4297ccff986cdbc3a2e6a8bce68cbb86bcf8c246f15360e07632b00
SHA512

bcaab5e218af8cd8b1859df58b7d3af1bc2e5db88d10338ecd840776356f37ed1d79bd02ca64639c3c8821377aeadedfd10459b81e93d3b2f5db751992b72665
SSDEEP

3072:skwpC/BDAEKN6x+8ePT2VbYAeSoXRLCve6cdAAMp/:sm6CeriYzSoXRLR6cWAY/

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\s.exe	19e4a3c624b543cf8e142c125d189a9e_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2172	19e4a3c624b543cf8e142c125d189a9e_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\19e4a3c624b543cf8e142c125d189a9e_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\19e4a3c624b543cf8e142c125d189a9e_JaffaCakes118.exe"
1⤵
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
PID:2172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\Temp\tmp.exe

Filesize
104KB

MD5
232f68ec384e6ee6b7eba73e3a4baa9e

SHA1
a0179e963a9cbadcee26876458fa34580c8f8673

SHA256
e3a5792d57483c932a66922b8ec91bf63a1a2a719cd085c244fc40b83e5e2a3f

SHA512
f8b784574da62cd7850f7f436f2bd07634e40f458385b3ca87080b671f30641bc4ab1584724fb9f87f39695fd9433786c5c9d51e0cc0986738301cd01077f115

Download Submit