Analysis

  • max time kernel
    96s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-07-2024 03:33

General

  • Target

    3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe

  • Size

    484KB

  • MD5

    3bd9315fa824d7f8351d858ca5c12629

  • SHA1

    a19b2e80a240452e4fe251a9299bd5d30b66d709

  • SHA256

    20fd96b00deec9d95d0e251aa4c6885f85af415f8e776716399b4280ae8128f3

  • SHA512

    6fc7405b19ae91a3ad96dc91918eb2e7c2da0e2265a79f17f096c8d2b348ede7df51e2d4a2db69e3bd5aba40ba94e52bf52b374de48c81e0566932983095b38d

  • SSDEEP

    6144:Gbx0cXjCfjnhWQ+3HwOcc0WXJ4+5yk6kPFlom3iBX94AcGFCKrvvScZTHvxqVCHR:QOFPocc0WX64kmiqAcGXFZbAAt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 15 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1500
    • C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe
      "C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe"
      2⤵
        PID:1904
      • C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe
        "C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe"
        2⤵
          PID:4392
        • C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe
          "C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe"
          2⤵
            PID:5020
          • C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe
            "C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe"
            2⤵
              PID:4524
            • C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe
              "C:\Users\Admin\AppData\Local\Temp\3bd9315fa824d7f8351d858ca5c12629_JaffaCakes118.exe"
              2⤵
                PID:1816

            Network

            MITRE ATT&CK Matrix
