Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 28-06-2024 14:24
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
1a768e9b399e1841a4a2011e3f0f8564_JaffaCakes118.exe
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
1a768e9b399e1841a4a2011e3f0f8564_JaffaCakes118.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
General
Target
1a768e9b399e1841a4a2011e3f0f8564_JaffaCakes118.exe
Size
3.2MB
MD5
1a768e9b399e1841a4a2011e3f0f8564
SHA1
fc0299c89feacd879dee5cd7f0b27d635704f14c
SHA256
183406cb6726295e890c929516e6ff52b9f08857013871be00af2b2bc1464057
SHA512
056777fa98da44dfe37d34985975d217580a39d155c7d4894c97ff7a4557a3ea30632e03493d9dd1ddccafaabbedba8759021e5371197df0e1b4cc50071dc48d
SSDEEP
49152:iw5sXlm5eLvedcSSQhYukd1Jj97TC+9jLMP/F75Z5ND6IaMSinvLY:zsXVWd/3Xkdv97TC+hLI/5NDPRnvLY
Score
1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (1 IoCs)
pid    Process
1768   1a768e9b399e1841a4a2011e3f0f8564_JaffaCakes118.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
description               pid    Process
Token: SeDebugPrivilege   1768   1a768e9b399e1841a4a2011e3f0f8564_JaffaCakes118.exe