18eff91e5dba6f888eb286c497c4ef352b903184c5e3e3723990cb23b4c54f4c

Analysis

max time kernel
94s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
10/07/2024, 08:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
Size

73KB
MD5

33e3bd5cde3211afdf7877d345fc1aea
SHA1

af938251dd9107d0e79aac0606185f39a852922b
SHA256

18eff91e5dba6f888eb286c497c4ef352b903184c5e3e3723990cb23b4c54f4c
SHA512

cb294bb7c2e0968808756bc2db868bae3a7064c9fc266524598720746713184a64bd2427aa498676518db7cc8108809ae1778fd6d8992d861793951aaa968d9d
SSDEEP

768:9mVdP9U/efc/FGiFo0cYEJN672kZwv0LD7TcFb2Gh0h2+qFNHHqTnoL9atJ:9IdlU/W0NFo0cm2kQ0v7RI3qTnos

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 38 IoCs

pid	Process
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
2152	33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\33e3bd5cde3211afdf7877d345fc1aea_JaffaCakes118.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2152

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads