56f03ac76c47a7cc97f297faf3896d819c9c6423a6182db178852e72b2d96515 | Triage

Analysis

max time kernel
140s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
06/07/2024, 21:24

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2969ffc66f1a5e2d67d23293186231c6_JaffaCakes118.exe
Size

1.5MB
MD5

2969ffc66f1a5e2d67d23293186231c6
SHA1

64b97ae1199921e872b8be467c891aefc0092efe
SHA256

56f03ac76c47a7cc97f297faf3896d819c9c6423a6182db178852e72b2d96515
SHA512

d7c24985757da9cdf3e61e52f22edd29e996d425f14320582f8d1b4fafa582aa6ca0cc5e347d853a20a97fd711a1e8c05fc8c443edb557fea150bb67063331e0
SSDEEP

24576:ZtKxHGMloXCtUyRRBbB2Jyo7QNmRB6e0oO8Tc8l58xK6ZmQhjjv3CrQZ5Xo:ZwxH/loDCRBbWSR8l7amQtD1Xo

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\2969ffc66f1a5e2d67d23293186231c6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2969ffc66f1a5e2d67d23293186231c6_JaffaCakes118.exe"
1⤵
PID:1632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1632-0-0x0000000000400000-0x0000000000690000-memory.dmp

Filesize
2.6MB

Download
memory/1632-1-0x0000000000400000-0x0000000000690000-memory.dmp

Filesize
2.6MB

Download