Overview

overview

3

Static

static

1

4a409890ca...18.exe

windows7-x64

1

4a409890ca...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    91s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/07/2024, 15:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4a409890ca1a54d85ceb11c19a8fc1db_JaffaCakes118.exe

  • Size

    25KB

  • MD5

    4a409890ca1a54d85ceb11c19a8fc1db

  • SHA1

    8a68a8cdbe762b75a7fb5ff7b69bd94429dcd273

  • SHA256

    723efcd69df67fba41fbf89320f72b1d46a0aeb7144a7d07a5dd564262e72df3

  • SHA512

    4336d59780a7f117e91f152582ddc77902446f1f654a3b8f74fffe39418c2f7370fc706c37fcad5e84c25fecd3bf5b4cfbe5f13e803a0829545630014b84ba03

  • SSDEEP

    384:dMbvmnaBDdhbKg5Eeq69WJs+52QI5Voy4Ghh44WieZW46:dMqcJ5KEjDWJJ52Qs2yvhh7es

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4a409890ca1a54d85ceb11c19a8fc1db_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4a409890ca1a54d85ceb11c19a8fc1db_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3632
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3632 -s 56772
      2⤵
      • Program crash
      PID:2924
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3632 -s 57044
      2⤵
      • Program crash
      PID:516
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3632 -ip 3632
    1⤵
      PID:2020
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 3632 -ip 3632
      1⤵
        PID:3108

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\~!#174A.tmp
        Filesize

        13KB

        MD5

        08f7c7cd56c2a532fd0f452a28949b5b

        SHA1

        50d515f170d70eb4becf34aae02c95a08655d8d2

        SHA256

        5bed16183a13dfd25821d7be8ea9917d45b7e03f04d822e042f016ac3d32580c

        SHA512

        26a720c2bbd5d87d884ba2522dbdefc04d97cdfba893e65f10c0b686de472ec9a01d61fdf9e48a8d98b970e36543d6928953330224b0a1e1703ef4ba438dacbd

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#1E1D.tmp
        Filesize

        13KB

        MD5

        dd37f0185f1ceb7fdfa118faf448e17c

        SHA1

        a139db4224559502495e9421b49b1efef499d6a0

        SHA256

        247608c80eb063ff403ddfba57cd739aceda72ea8874591f36077480fe802ecb

        SHA512

        1550c6b88eaa31b9f058f09819f5cdb26a9832c63a9592bd610a633671ad1d830138721c04823d16b4c46bed686174d7829df96ad6ba89d20fd14ce42f6208d1

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#2358.tmp
        Filesize

        7KB

        MD5

        f374524e069498269f709268dc669ccb

        SHA1

        66ce35f12d60cb47c090f05054fe4ce5fdf7a76b

        SHA256

        7bef800185d20a5a13c3d4b081c67f85f6ba9f99993b647e0decc54651d94db5

        SHA512

        1dc27ab6f44c0de8a69e00fe44cae09b0ceed109bfcaa67c7a90325d1be462fc2f7bdc027a3518905b929a61f5b24e02f37bd7a7c5eb0296ee823e9593f0e1b1

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#2882.tmp
        Filesize

        10KB

        MD5

        8765185aaccfc4131383d4c0ca699135

        SHA1

        759e588c3eb320043680d41e929076913c8433de

        SHA256

        84272823bfe74f7111af059f8fcaa74fdf60abfe5ef1caff5e686c54276c39c9

        SHA512

        439ab15b140f90693b89eddc64f6ffe5e6ccd63d1a9313f4ac9d45bfce67b6d2524d05c838dcd28367310c9d777d0fd116ba20c82db14a190b4dd14060581655

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#298E.tmp
        Filesize

        9KB

        MD5

        7ab0b0c8bc7f939484bd7cee853dae5b

        SHA1

        3c348f9cab750691576c6ab33eb796558f1792bd

        SHA256

        ce29fcc8589ce1c6e8077e36a28eaa228190714d4f0f775987652bf79c52e8e4

        SHA512

        ef151cfc1978358091271deddcd6273f25aa605b0eef9e2cff995871c7d2d7a3782357a4fafcd2a4baefa47620d0f346106bbcdcb0df3974126e50a1c3d95c6a

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#2FB4.tmp
        Filesize

        5KB

        MD5

        e78129559825e39740124e8b965d51e1

        SHA1

        1f569ae6e74f93f8cadc0c6c32b7d83d5f347842

        SHA256

        7bfcb2a51a4f8406624592ae6ceee249a89a4ff04b39c2c97536ffd5320583dc

        SHA512

        955cd9442315b07120e7e7d60b36a585ecfeb2be5c8f7f5625fd46a8067b75086c8ca2be56cddde01584e4a659e752e08978d1a8962c2694f3192ed621c1094c

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#3315.tmp
        Filesize

        12KB

        MD5

        be19298d92463b3ac1147c309e8948d9

        SHA1

        601cc90849fa5eedbddacaec061a4e2f4bf0c5f2

        SHA256

        833c0bafef364e2fffc3bdfcc8e7af0390686ba1bc4353bd3a02b9603398d8a1

        SHA512

        c945041d6d74c3211e428c01111d969fdae5d35d3b4f7a0d3f3a98505f3b3cfb8ef3697a11b6989b60519b1b340709480c9c149642a19ec58dc65af8dc78dd19

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#36B5.tmp
        Filesize

        13KB

        MD5

        53eec2b95c871f0f045484a8f70fe0d1

        SHA1

        bb855433fa2485ae4a83e07c939dab5f948cdf09

        SHA256

        4500b68058f881fb77a1a69d7776bb96b3114bc6a0f0943020906bddb9df5dd8

        SHA512

        194383020acb1fd82d75854162125450fbe91ab5a8eb5c5f68c70a352cd95f775ecdd912f25f63ff675acb0a52fa5563c2958a9a93792d185631100cd5f8e0fb

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#383F.tmp
        Filesize

        11KB

        MD5

        14d84ddc69e9f3f6f3fde56315048ce2

        SHA1

        1819e2ed04bc5e5f23cc99042de077575ea227ec

        SHA256

        eb18d12a456984336c5a5d8fd17cfffefb022a7ab4b39908b4e7c786fa61458a

        SHA512

        b17b685dbdd8a3f291af8a0604da3f4ae18ff94d1f9049b2dbefe351d8c1219cf95b6302650a934cb7a881c8035e03c4579b754ec1c8190ad9d0b3deb4dc92bf

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#39D8.tmp
        Filesize

        10KB

        MD5

        edbb05d340ba14f95e7befb0793a6de4

        SHA1

        3098c0f2ae03dbcbb047dd4cbb32357658f1facd

        SHA256

        77cbf794c59ab97d00a4e4bd86d2827b68d5e7258e1489a5979c27e0fdc2e6dd

        SHA512

        bbd6be15af48ecb65af06fbd04545268c5bbf8c9ca1b67c7845575266f079f0d4a1097e1fa81f48901e3e6b9df3375944458a75a669c92cc34f40dc79b717976

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#3C6E.tmp
        Filesize

        4KB

        MD5

        522e1c517593bbcd0fab1939d90d47db

        SHA1

        b249c0859251367e007b4d62407c514e86bbe55c

        SHA256

        8216746910c21854fede312cf3d9cc5216f072d3a98626d1b7933d1deb9ca88d

        SHA512

        e945c72c68885e6cf2b1ede2952052b01b333a4f8e9118832e367c7828a8c69db949f5f308280bcd02d2c07a56d88afcdb102000d4fbac08a3e62171851af99e

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#3CEC.tmp
        Filesize

        22KB

        MD5

        28ad755ef7fb1e9507e4a6a55cbf10a7

        SHA1

        36a5cede32814f59713576bec729e5a99b3aba5e

        SHA256

        227e033a4f0d0e5172fa8ee30c33a3fa6e67a2a11a59e9274e7192bb96f2b032

        SHA512

        90fa3f80a8fd085f7f27aec181ed2439d815b64a0eb5b2f8ef36b51b2a570adc6e3a83dfe7a99629a47c137047d2a0c32a233b5e3941587e54761aaf2c4a1129

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#446B.tmp
        Filesize

        9KB

        MD5

        f79d0cfac5c271b034423ea6df1c593b

        SHA1

        9d136c46214185916a3ecdc1133f3d9ba4b319c2

        SHA256

        9078ebb55b86bdde9f3cf7ad3209de2a099b2717d580a2a1a4ef6edad862b084

        SHA512

        329bf666b137bb278bedcca570b3c0eaacbdf752dbefdfd385d197dda1965c05b4bec4c61baf3362a7e1a0cd00be3c81d36acbf75cbd1a78c15d6bd61f1ac6d7

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#4682.tmp
        Filesize

        11KB

        MD5

        b81b2cce2637c52fad00985b098cd48d

        SHA1

        b28e8a4a00f24e4e6194413033cdb8840926f58a

        SHA256

        4f9be51018039bcd74606b8faf12808eb1b71a717eda4e204fc06927bbbd0958

        SHA512

        72b3b915aab8b3f8365b9e39e2d75ad79262459c4ce3805382dbf411736a1ecd9c271ef9b33d549c701348abc3372a47d86b71639cfa582456f977bf047577cd

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#ED9A.tmp
        Filesize

        8KB

        MD5

        fb9c497870e847bcdced416c691e0a39

        SHA1

        08403fdb0073b6c39aef229d082f8bace007a928

        SHA256

        db92fde53e6c9ea63bf81dc77618651a59f3eb7dc3610bb2505a31f10c6b02a0

        SHA512

        f0eec25a244670201438c88e82f1a8efe82cee1d16fb37fd13286d587410a3b467a2c2d4e9748986987c6a02b7db5f38e8c8767ab331d9ea1f1e18b2e28fec7c

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\~!#F9D7.tmp
        Filesize

        4KB

        MD5

        39d0ca61e862106ce2594a93cd1099af

        SHA1

        e64cbd396bf0aa403e618e390ba52c756d0c41ae

        SHA256

        450d33bfb4c9d9ce397733aa921e056ea0a170530b129b271bbf74a168e0950b

        SHA512

        ede89ffda681c0f35ee06be235dd79cb8a0c0392ecc227dcd2c73b1fce2f5af4ad498fa871cc17e72b572f27ff7b6b855add79462812fa295d57955d2172a71f

        Download Submit

      • memory/3632-0-0x00000000005B0000-0x00000000005B2000-memory.dmp

        Filesize

        8KB

        Download

      • memory/3632-142-0x00000000005B0000-0x00000000005B2000-memory.dmp

        Filesize

        8KB

        Download