74b21c62899cd33d8e7ec9de588626b65656b19af814b9c56d23da7969bc226a

Analysis

max time kernel
137s
max time network
139s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
09-07-2024 18:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3166baffecccd0934bdc657c01491094_JaffaCakes118.exe
Size

76KB
MD5

3166baffecccd0934bdc657c01491094
SHA1

05f66492c163ec2a24c6a87c7a43028c5f632437
SHA256

74b21c62899cd33d8e7ec9de588626b65656b19af814b9c56d23da7969bc226a
SHA512

c5d048188b7a14f0da53e94343f7fd00c5d2697b44ccb2653f0a8b65038bdb91234eb9ee3af0e431ff3e343a8e80cfe487755350307fd2679166fbc3d67fd0a7
SSDEEP

1536:ZslON7/jtG8xMseDB+mutbHGEN5lQYlsopS:ZsstrebulHH5lQYlsopS

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 4 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Mozilla Firefox\bin\firefox.exe	3166baffecccd0934bdc657c01491094_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Mozilla Firefox\bin\firefox.exe	3166baffecccd0934bdc657c01491094_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Mozilla Firefox\bin\ver.txt	3166baffecccd0934bdc657c01491094_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Mozilla Firefox\bin\Temp.txt	3166baffecccd0934bdc657c01491094_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\3166baffecccd0934bdc657c01491094_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\3166baffecccd0934bdc657c01491094_JaffaCakes118.exe"
1⤵
- Drops file in Program Files directory
PID:2536

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5J67VDZD\SomeUpVerlan[1].txt

Filesize
5B

MD5
fda44910deb1a460be4ac5d56d61d837

SHA1
f6d0c643351580307b2eaa6a7560e76965496bc7

SHA256
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

SHA512
57dda9aa7c29f960cd7948a4e4567844d3289fa729e9e388e7f4edcbdf16bf6a94536598b4f9ff8942849f1f96bd3c00bc24a75e748a36fbf2a145f63bf904c1

Download Submit