Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/07/2024, 22:38

General

  • Target

    36adefe9f166140cb3a96088680894ab_JaffaCakes118.exe

  • Size

    255KB

  • MD5

    36adefe9f166140cb3a96088680894ab

  • SHA1

    59f2b22a3d31dca6cf3aa4e2dad53a92e6e69212

  • SHA256

    91ac9ea0a973d36c244f17246bf7c33cce93bdf94a4ad91209b50b5d8d312262

  • SHA512

    6b3d7f635a8063a7db18678afa376c9910cc55593a03918c22a26de066fde253f0e3a7cfa0d9dc6fcc340daba10232d0697b70987352d0faf99eade4a27e739b

  • SSDEEP

    3072:KVWIbbNbOp3n9N41CN/sqSGDqCAh6paSQGUDDlOOzC/b2+:KtbbNbOJn0y/s+DO8AS60OzCS+

Score
6/10

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\36adefe9f166140cb3a96088680894ab_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\36adefe9f166140cb3a96088680894ab_JaffaCakes118.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2068

Network

MITRE ATT&CK Enterprise v15
