406bf5283f9a5950d59834536bc02dbcbf523030b3e1adf0920d66ae5e37b6cb

Analysis

max time kernel
93s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
13-07-2024 13:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

41d3f5e758349b8731e6340d4948aa9e_JaffaCakes118.exe
Size

76KB
MD5

41d3f5e758349b8731e6340d4948aa9e
SHA1

eab574e272ca41b32f6119e932c40a2b7120e106
SHA256

406bf5283f9a5950d59834536bc02dbcbf523030b3e1adf0920d66ae5e37b6cb
SHA512

bbb35e2cab79375b1f6bf1baa79bfd1c5cdda9bf60e38fe48289feced070decc99acf96f10fa95c15f80e9cac54d3894683422f773260f1d179891278f6982d6
SSDEEP

1536:faMNJX5WHDxeiKvvapfkrowQ+kxqIDl5NaQriYR0ym1t9cJAGAbo1Y:fa2Jo8iBOolf8QGdyacJAGAoi

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2960	41d3f5e758349b8731e6340d4948aa9e_JaffaCakes118.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\41d3f5e758349b8731e6340d4948aa9e_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\41d3f5e758349b8731e6340d4948aa9e_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
PID:2960

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\nsr9731.tmp\System.dll

Filesize
10KB

MD5
0c8ea8e6637bbf8408104e672d78ba45

SHA1
c231c7acaf9abb7da93f28e1b71bed164d57103e

SHA256
509a93177a7ae130bc3b6b5ec3236c7aa0811b8b86f8ab3442c65fdf8ff85b1f

SHA512
ee763a3cdbbba3b28e6a903ac942c7228bd8e54b19de21d6187e481f2916d833d9b9800e5ac2998f4aa26274cdfb20a8bfdd10f00f2a15d37bcc529b617e1f28

Download Submit