Overview

overview

6

Static

static

1

2f02ef0196...18.vbs

windows7-x64

6

2f02ef0196...18.vbs

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/07/2024, 04:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2f02ef019668d10b1b9aea4316ece027_JaffaCakes118.vbs

  • Size

    4KB

  • MD5

    2f02ef019668d10b1b9aea4316ece027

  • SHA1

    312a0eb74424b26fa1650339483dbf301bfb883c

  • SHA256

    8f3e478837ffc91e2d44020dfd99fb91ca4985a7a2f4e0e3f8e21688ea71c90e

  • SHA512

    1ca7c3628937cd3db2557d2b6f2a87ab3dc3e3c4474a41d65dbbdbd558ccfbcc91c5c7115f19f55455ce85420a0da0b0c35f00506b90b9304e5792c2be25e462

  • SSDEEP

    48:H0Di2qhvXLviovTMsV2NUEu2TjajdUXDXsPqLle7QJvIGusqWk+uvv7:HbouX2TeyesvIpb+q

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops autorun.inf file 1 TTPs 4 IoCs

    Malware can abuse Windows Autorun to spread further via attached volumes.

  • Drops file in System32 directory 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\2f02ef019668d10b1b9aea4316ece027_JaffaCakes118.vbs"
    1⤵
    • Adds Run key to start application
    • Drops autorun.inf file
    • Drops file in System32 directory
    • Modifies Internet Explorer settings
    PID:1152

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\2F005A51A1C7418.vbs
          Filesize

          4KB

          MD5

          2f02ef019668d10b1b9aea4316ece027

          SHA1

          312a0eb74424b26fa1650339483dbf301bfb883c

          SHA256

          8f3e478837ffc91e2d44020dfd99fb91ca4985a7a2f4e0e3f8e21688ea71c90e

          SHA512

          1ca7c3628937cd3db2557d2b6f2a87ab3dc3e3c4474a41d65dbbdbd558ccfbcc91c5c7115f19f55455ce85420a0da0b0c35f00506b90b9304e5792c2be25e462

          Download Submit

        • F:\autorun.inf
          Filesize

          112B

          MD5

          dd4b0b982f481c45f448fb8274af6b39

          SHA1

          36ada05ccf1c43492c91215cc192f81c9802aef2

          SHA256

          7a9947a2f706cfd34284fe7758879540526b2462f782a6058e07fe11a069297f

          SHA512

          da75666eed7f773a7ac894611e2bec62aa7392ed3749574faf7fe75afbd6177c1e6e5c3f27c2eacb1c7e2d8b3df45f59ff4ebad7d2034b35a2355eb4480c0ef0

          Download Submit