d0f6daec62b6e69d8a48b62e2a8d9834c60e7d669435126c990078ddd9b6c967 | Triage

Analysis

max time kernel
47s
max time network
56s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03-07-2024 07:55

Sharing

Report Analysis Logs

General

Target

219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
Size

14KB
MD5

219bdff1975b0211580f6209adc4263d
SHA1

fdb9fbb15849251d4be0a8cde6945bc3b46bd16c
SHA256

d0f6daec62b6e69d8a48b62e2a8d9834c60e7d669435126c990078ddd9b6c967
SHA512

365a07db20a8133c3d7da7a8a649c2528abfb8e8140c27bfbc937585ab040c2c1acd099309c707636da8fd203b1edc2c73b55bfe04b65b4de9b1d25b6b3eec33
SSDEEP

384:gvDgKD77r22/KDMrVfI8C/0/65iynohjJr:gvD/r5fh6PoJr

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2492	219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\219bdff1975b0211580f6209adc4263d_JaffaCakes118.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:2492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads