Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    10-07-2024 19:11

General

  • Target

    3605d6395f6e012c8d13a9d922c98163_JaffaCakes118.exe

  • Size

    24KB

  • MD5

    3605d6395f6e012c8d13a9d922c98163

  • SHA1

    3f267c0c02ebf7ece04e105e6e552458ca7264d8

  • SHA256

    a47cad67d3931ea24b5dfe18b77b22e24446f78b6c6387323ff64a0bcef51538

  • SHA512

    8449ea494cd5bf270f4a53764af255c64bec50ec5664d82c076b7ec13871f50428613985a69d05d3c01caa03d49404c997cc00cfb094a3f2af8cbbb88a9180dc

  • SSDEEP

    384:9k1IY1Z8Ln8DjOS2m5vSlljEADRZmcZQrQkCXsL25pHJahh4WWieZW8b:9k1v8j+H26vQDRAcZwQkVqrHJahhdep

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3605d6395f6e012c8d13a9d922c98163_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3605d6395f6e012c8d13a9d922c98163_JaffaCakes118.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2852

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2852-0-0x00000000005C0000-0x00000000005C2000-memory.dmp

    Filesize

    8KB

  • memory/2852-1-0x00000000005C0000-0x00000000005C2000-memory.dmp

    Filesize

    8KB