Analysis
-
max time kernel
140s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
10-07-2024 03:13
Behavioral task
behavioral1
Sample
3317f6898e00dd23116cc3fa5ad19268_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3317f6898e00dd23116cc3fa5ad19268_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
3317f6898e00dd23116cc3fa5ad19268_JaffaCakes118.exe
-
Size
452KB
-
MD5
3317f6898e00dd23116cc3fa5ad19268
-
SHA1
022c41ac763451c6519e648494d169fdc2818622
-
SHA256
2f135a6a02fbf13faa81440f297d010764d4a3620fb0fd8636043c785c70f579
-
SHA512
eba499e8233d8210a023593b0628a718ff0a6dda534ba2c9ab240504a3f932ebaf0338ef282604661949a832e0f0952cc76606f86c3d6ed9ffc9f6e9bf776927
-
SSDEEP
12288:LGFP4rsBRjSLvxZqWPo3jTza+YoH34kc9dtjkvi:yJw4iloja+Yp9dtjkvi
Malware Config
Signatures
-
resource yara_rule behavioral1/memory/2416-0-0x0000000000400000-0x000000000050D000-memory.dmp upx behavioral1/memory/2416-114-0x0000000000400000-0x000000000050D000-memory.dmp upx -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-3434294380-2554721341-1919518612-1000\Software\Microsoft\Internet Explorer\Main 3317f6898e00dd23116cc3fa5ad19268_JaffaCakes118.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 2416 3317f6898e00dd23116cc3fa5ad19268_JaffaCakes118.exe 2416 3317f6898e00dd23116cc3fa5ad19268_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
156B
MD51ea9e5b417811379e874ad4870d5c51a
SHA1a4bd01f828454f3619a815dbe5423b181ec4051c
SHA256f076773a6e3ae0f1cee3c69232779a1aaaf05202db472040c0c8ea4a70af173a
SHA512965c10d2aa5312602153338da873e8866d2782e0cf633befe5a552b770e08abf47a4d2e007cdef7010c212ebcb9fefea5610c41c7ed1553440eaeab7ddd72daa
-
Filesize
4KB
MD51d7b7d4b58ae79b4c4cadde36b409242
SHA1e3531bb7b293dd813c4b1a5481e71cb40b0e316a
SHA2563826a540a97d51774fe379434fd4044bbf2b3e31452e684e38f5da1d31f0d68e
SHA512c17d99b298aa64861fdea1ec5440f16bb7aed282e232610d4440c050018cbaba2a6c88446e13cc610f8903c2b2f48c819f9defec0845ef6e23ffe72f9b13d8b1
-
Filesize
508B
MD5e1fcf8b6066af9a266ae34738ed5c000
SHA14d1079ccdfe311b77177bed54163c7cc73d7d1be
SHA256d6021b1977f3c67cb78981b0b19be54d3a702bbc6c5320bb95b7226e69b5fe1a
SHA5125412b3e83587086f67cc0a4b3b12f828d76b54954b47ff61a9fd6e593cee2a6207fc135c7159808c085a80ffbb7b089198b417859a44d788b4994b561a9f41ce
-
Filesize
485B
MD5b570ea77375823be8510c0f27768ed62
SHA1096ed270c93ad811039738b7fb53e05eaae7f4bb
SHA2565fbbad89a2ab5257aacd3fd525d684443c5c4b07f2b47d58357091ce00ff743c
SHA5123c9829c52521d537a530a9d695b48b67a33fe68e4ec7edc8cd09a7f1a989432ee33276dd9005c8c15d1aa5dddc7d23deea6a0213194a80363935ad702ac56cbe
-
Filesize
360B
MD5501821d95e958528fed4747e4190b39f
SHA170e3c15d3ce5853a67aa741ec701d3af307d7bd9
SHA256562aade6e95f22e50010c9ff189c36bf4be9390fa4060a0bc2f1217119c84417
SHA5120c45ab94c5302c8ee4ec52acd2a293c4d4993f7bc1834e9c46794b2db85fb4a845062f2d6538aba358e1b94d9dd4d1f370d58d8b9f5b46062ab8e9e06fa8e05b
-
Filesize
7KB
MD5edb71146254d3b8ebae18607e801398c
SHA18775027da6f6cc19c72d20c7f1615a01112e5d3c
SHA2563e3610a947c3c6ced9971d16d4231ee3699f71f404894da4ce39090a8170c71a
SHA5124eb29933fcaed8ad368309377bdcf69cb4e9f469d0c882d5ddd2fa3b0723d0ced29480ec024cab44b86b737351d49471d58601b121bb380079c5c696164f8d20
-
Filesize
21KB
MD51a2ad75c0af449d5719473655ef5af04
SHA182c5ba738b9cd2508ea2d69da7985d586a4f0dca
SHA2567fd43f4e80aac98a7586ba5fbe951cdbe19dcb99fd41471e9e6e73e1f79ecab7
SHA5120db8650d8a272d9aaf0ecfe7077928ab771ffca575bc52d5c08b8c0797b77c3b60dbc0a7c7c39920b4ab98c22604d0ae43a4ccee12441c85a50e3da8402968f6
-
Filesize
2KB
MD561f74251810068cb9edaeaada3c50d29
SHA13b779b8e723ca1e1e73ac534a2d415a18fb2db6e
SHA256245213c4b0f5af429823ec4f0b9f3fcf0dfee92f049cf053b630feb4e4cefc23
SHA512dda26dd5417150291c60d452724dc10881f888ec4717d0066b01845c0a5a97cec17149658cffce2f8a3c5ab642013d6ca462e1e8820bd383dfad51bd32c70409
-
Filesize
982B
MD514b92cbe22ef5a31a5533d0ab114537e
SHA1e428f1b0236f7a85faf045237a7cd29a305d936c
SHA256a2226e2f7dd1ea319e49b1ff1d277a44b35a314ea6d32be1832e71ddebcc18ba
SHA512b585c5852960d89726d97ddb8e757abe0d36bfb2b5c91a30885e299728d836a048c7a3c5b5e85fbd514e2217d547330d816de497f38204578d333654c8d19f6c
-
Filesize
456B
MD526588a39e960e2f5ba70fc082a8f02af
SHA1116b62c07995d60f9bfc492296cc9c5c5a1ad26a
SHA25697210d3d0cbce804baef4efa6c2a01e52cbc30047d849d37201450455f45f652
SHA512ee722e9b4bf56d154216ff1d3b2b0b5df5d714092da8741bb25e5c2deab239c20501da31d8d07c212eac5404a36a58b25ba74263c0a22aab7f430b429ae093da
-
Filesize
985B
MD505e22e0225f53b69a44b443540c20324
SHA1af5eb7ebf4f053b17d19a678ec84c329e632b2df
SHA256139ff055cec5379c1b58b9b1eb1f205890c5464f58f86eee80f9bc938857705a
SHA5121c754458da075e504f3463cb72d683b8affa553a39083a2565ebe2e664ebf3400546bc687e0058097d256f86f0cc538439178ad8ee0c91abaa745c1bf977dbc5
-
Filesize
2KB
MD56f2b1f7689b06eef2d9c4e5e00b9ee2e
SHA1bdb0b30006af53427194ea79f0615992cb84a99b
SHA256a85622887fc7b035edf0ff9b7e296768cea04fa4a7dfebbd149e383837c96d70
SHA512930da8f935f8a186a3f5ebb45a74872942cdaa4cb46bfdda0fd5fef589ec51364d6e43eb0173310642da8978edaf60662d2a78519d80fae3fe1bc23bc7b570d5
-
Filesize
1KB
MD593791bdb5453514a501ad84985b69824
SHA14fd167c14ddbc76472082c3c5adb37052c96d6c0
SHA2560a771df975a8a733eed11854702075ac0858954fd322d7d58bc68d59792cfe7d
SHA512e36729aa139cd63205e966231663fb9b1e69ab39a43c45d80244a81f8d08722e240f3d7af1acc6bb935830dc77946c00648971a26058ab0e14925259fbe330a2