Analysis
-
max time kernel
41s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
14-07-2024 15:12
General
-
Target
465dcfcf15860843aad1575cc47672e5_JaffaCakes118.exe
-
Size
88KB
-
MD5
465dcfcf15860843aad1575cc47672e5
-
SHA1
4e9a410b7c7482003cd464f86ed813b386aef78c
-
SHA256
ef071ea82c81589a59a04beb499bf0591621c155508bc6f32a0f84a085bd26b5
-
SHA512
0765aabfe91b06618230adce8579eebedecde761bfa35e47a14a183c5e859f48af8d1c61d6e0396deaf0baaaf4108c86a028a851c9434d12769fe46bd387ab3a
-
SSDEEP
768:14RdXRzNHlFeyU6zSMkhUWeNf3ms98fen:14HlNHlFe8kKW2df
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\465dcfcf15860843aad1575cc47672e5_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\465dcfcf15860843aad1575cc47672e5_JaffaCakes118.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx