Overview

overview

4

Static

static

3

5a14566a17...18.exe

windows7-x64

4

5a14566a17...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/07/2024, 02:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5a14566a17cfcb875ba691979dce5dfc_JaffaCakes118.exe

  • Size

    148KB

  • MD5

    5a14566a17cfcb875ba691979dce5dfc

  • SHA1

    cb61ce6b3c3b3f192604e7d72ae172068cba6298

  • SHA256

    dba0741ddcd64979c0be27db358791275814667f32b95268acf32035f29bc90b

  • SHA512

    1f9433eb2a2e067bb5abd4b052f9ab992821f3cfac0bb7c658e7137974e2a67c08911db61167a46ffe1f2483b48f7f80103de03420c03601e9026cb4a792a749

  • SSDEEP

    3072:T6LKSHmyX71EnZTWgvrhy7JbSfQzluByV7oSJ8fyDOhMLfQc:MZ771m0llzEoefyDOhifQc

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5a14566a17cfcb875ba691979dce5dfc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5a14566a17cfcb875ba691979dce5dfc_JaffaCakes118.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\jI82l\PCGWIN32.LI5
    Filesize

    2KB

    MD5

    31d1ac40780d213e0e08d40a3e9d72aa

    SHA1

    5b73bb008703bc64544fe6efbd3622372f8c4a0c

    SHA256

    993205498e08675bf82554ce47f648966a9fd0bbc2cbe98a2019e477d57728b5

    SHA512

    9168d1a4069324f238411c4648e604c90a749a7851e593f370828db5734eeb1eebde5400a2bb00d1afe776484ffd2ed99c6ba13f33f2419923b119595bf5c517

    Download Submit

  • memory/2500-19-0x000000004CA00000-0x000000004CA13000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-21-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-10-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-12-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-15-0x000000004C300000-0x000000004C37A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2500-16-0x000000004C300000-0x000000004C37A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2500-1-0x00000000005C0000-0x00000000005D7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2500-18-0x0000000002330000-0x0000000002343000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-20-0x000000004B680000-0x000000004B699000-memory.dmp

    Filesize

    100KB

    Download

  • memory/2500-17-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-0-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2500-22-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2500-26-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2500-27-0x00000000005C0000-0x00000000005D7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2500-28-0x000000004B680000-0x000000004B699000-memory.dmp

    Filesize

    100KB

    Download