Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
01/07/2024, 11:01
Static task
static1
Behavioral task
behavioral1
Sample
1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
-
Size
152KB
-
MD5
1b0a827018d69d55847f502b37e61bd9
-
SHA1
42a1a100c57b10a533e18bacba3b0334bbfd8cb0
-
SHA256
44a71431a1102439c0e466a1f56c1ff8311e74a5ee57acd4b47e5b8cb5389af4
-
SHA512
efd4519286733feb02349ad26219c63787b4a14c17eaa260f06d14137c2a35fd39b035ba34cb8d3804fce1fd73a3d516d2401a597a91a9978cbde4b76c1219ce
-
SSDEEP
3072:pmR5LCQThb6qHfpmPKzYIEeh7m8h+38oW4OUSKwFZai:AR5LfJCaDEe08h+3rZi
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description ioc Process File opened for modification C:\Windows\SysWOW64\s.exe 1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 2392 1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
MD5def521563b24fc0da5545adb459741b5
SHA1b1d3fae1709c1bc35fd16c546d561ad8e293ac59
SHA256831b9b3ba591ea884c8d12d2936e8273fd0d9deea8e86feca79012bbb08b5a09
SHA512fbda8bf1359be9f97b29af2f5812253f8c2145dfcd1bf6dea7747affa0bcfcd5eff58db1e59dcb05e70f5bb50e60021b5b3e64cd98689f93faf8a3097d9ce72c