dd87ce5add8927fdb27aa6b620f13f29d1df03c4872d92a01c71a5a7fc33c1d9

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 00:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

477736e1a06bbc96df7a8a5730a27085_JaffaCakes118.exe
Size

781KB
MD5

477736e1a06bbc96df7a8a5730a27085
SHA1

a303f3697cc0b864de9d7a610982d986787d23b0
SHA256

dd87ce5add8927fdb27aa6b620f13f29d1df03c4872d92a01c71a5a7fc33c1d9
SHA512

29f5831449d197da4c16379e352796f93fa75fa9d466129fc1fa6819abecb69d5f846e3644fe5c0fcf481808c5349d228c45601ebf53fe5164ecec41ac7c8ad1
SSDEEP

12288:ekMtDFCAJLx8n99Xl3LjFVhg5F7wxHVnzPcV26n4L7+dHaMw2u7J2E:ZMnpA9Xl3nq5pC1nzB6n++sMw2u7J

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1048	Secon Logon.exe

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\pRogram Files\Secon Logon.exe	477736e1a06bbc96df7a8a5730a27085_JaffaCakes118.exe
File created	C:\pRogram Files\Secon Logon.exe	477736e1a06bbc96df7a8a5730a27085_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	3612	477736e1a06bbc96df7a8a5730a27085_JaffaCakes118.exe
Token: SeDebugPrivilege	1048	Secon Logon.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1048	Secon Logon.exe

C:\Users\Admin\AppData\Local\Temp\477736e1a06bbc96df7a8a5730a27085_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\477736e1a06bbc96df7a8a5730a27085_JaffaCakes118.exe"
1⤵
- Drops file in Program Files directory
- Suspicious use of AdjustPrivilegeToken
PID:3612

C:\pRogram Files\Secon Logon.exe
"C:\pRogram Files\Secon Logon.exe"
1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:1048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Secon Logon.exe

Filesize
781KB

MD5
477736e1a06bbc96df7a8a5730a27085

SHA1
a303f3697cc0b864de9d7a610982d986787d23b0

SHA256
dd87ce5add8927fdb27aa6b620f13f29d1df03c4872d92a01c71a5a7fc33c1d9

SHA512
29f5831449d197da4c16379e352796f93fa75fa9d466129fc1fa6819abecb69d5f846e3644fe5c0fcf481808c5349d228c45601ebf53fe5164ecec41ac7c8ad1

Download Submit
memory/1048-61-0x0000000000400000-0x000000000063E000-memory.dmp

Filesize
2.2MB

Download
memory/1048-64-0x0000000000400000-0x000000000063E000-memory.dmp

Filesize
2.2MB

Download
memory/3612-0-0x0000000000400000-0x000000000063E000-memory.dmp

Filesize
2.2MB

Download
memory/3612-1-0x00000000022B0000-0x0000000002304000-memory.dmp

Filesize
336KB

Download
memory/3612-2-0x00000000023E0000-0x00000000023E1000-memory.dmp

Filesize
4KB

Download
memory/3612-17-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-41-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-40-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-39-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-38-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-37-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-43-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-42-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-45-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-47-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-56-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-55-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-54-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-52-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-51-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-50-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-49-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-46-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-53-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-48-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-44-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-36-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-35-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-34-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-33-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-32-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-31-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-30-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-29-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-28-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-27-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-26-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-25-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-24-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-23-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-22-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-21-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-20-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-19-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-18-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-16-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/3612-15-0x0000000003490000-0x0000000003491000-memory.dmp

Filesize
4KB

Download
memory/3612-14-0x0000000003490000-0x0000000003491000-memory.dmp

Filesize
4KB

Download
memory/3612-13-0x0000000003490000-0x0000000003491000-memory.dmp

Filesize
4KB

Download
memory/3612-12-0x0000000003490000-0x0000000003491000-memory.dmp

Filesize
4KB

Download
memory/3612-11-0x0000000003490000-0x0000000003491000-memory.dmp

Filesize
4KB

Download
memory/3612-10-0x00000000023B0000-0x00000000023B1000-memory.dmp

Filesize
4KB

Download
memory/3612-9-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/3612-8-0x00000000023F0000-0x00000000023F1000-memory.dmp

Filesize
4KB

Download
memory/3612-7-0x0000000002510000-0x0000000002511000-memory.dmp

Filesize
4KB

Download
memory/3612-6-0x0000000002390000-0x0000000002391000-memory.dmp

Filesize
4KB

Download
memory/3612-5-0x00000000023A0000-0x00000000023A1000-memory.dmp

Filesize
4KB

Download
memory/3612-4-0x0000000002520000-0x0000000002521000-memory.dmp

Filesize
4KB

Download
memory/3612-3-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/3612-62-0x0000000000400000-0x000000000063E000-memory.dmp

Filesize
2.2MB

Download
memory/3612-63-0x00000000022B0000-0x0000000002304000-memory.dmp

Filesize
336KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads