Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    11-07-2024 07:18

General

  • Target

    382f7a099bb3cac74960f76a15b8769a_JaffaCakes118.exe

  • Size

    14KB

  • MD5

    382f7a099bb3cac74960f76a15b8769a

  • SHA1

    b419989668e834cd000d44a45e444b2a7476cb44

  • SHA256

    16c420649e2982539d14c2c84bd486af2fb7be77119d93c83dfc1ea9adca91a8

  • SHA512

    fcd396471ce4662b086d1d89b19e96cb00c126e728beef389d60d43e0d3616c36688ff3b8d723e53e11b73f6de7006255f2d8265fea980241ae911afbe4deb4c

  • SSDEEP

    192:FeaQ19MUSY2L54u1/Ra6ShMJYU2JtLRiL1iPgxbH16BZbHBZHkCLdK:FeakSV4u1Q6ShPLUL1hGbhhvdK

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\382f7a099bb3cac74960f76a15b8769a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\382f7a099bb3cac74960f76a15b8769a_JaffaCakes118.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3008

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3008-0-0x00000000745CE000-0x00000000745CF000-memory.dmp

    Filesize

    4KB

  • memory/3008-1-0x0000000000AF0000-0x0000000000AF8000-memory.dmp

    Filesize

    32KB

  • memory/3008-2-0x00000000745C0000-0x0000000074D70000-memory.dmp

    Filesize

    7.7MB

  • memory/3008-3-0x0000000005D40000-0x0000000005DDC000-memory.dmp

    Filesize

    624KB

  • memory/3008-5-0x00000000745C0000-0x0000000074D70000-memory.dmp

    Filesize

    7.7MB