Analysis

  • max time kernel
    98s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/07/2024, 13:02

General

  • Target

    3d7bb7cc419669ec36c646149f21cc23_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    3d7bb7cc419669ec36c646149f21cc23

  • SHA1

    7d52fc7faded70f4460865ded76c6891e80b262a

  • SHA256

    d32dd0539b75d800fdc0595154d52aed1658a95177c9e42b5c52768c8327e606

  • SHA512

    599074ba55a3086ad1a7467cfe9491d2bcebeb6f1a54a54eccd049f52ad06e3d3e41a34e4146acc34ae2c7a6fd4bac87c8e4e6374590b69aa8e691a7362bde3b

  • SSDEEP

    24576:5dmH36cY0IstVMSNL/Lb7I2Q163cCEpshK9pWhMDy/Q6wg1bEbUWrhKpikxr:eX6x+VpNLjbCw3c8IDk/1bEAWrcpi2r

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d7bb7cc419669ec36c646149f21cc23_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3d7bb7cc419669ec36c646149f21cc23_JaffaCakes118.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4880

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads