Analysis
-
max time kernel
16s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
19/07/2024, 16:09
General
-
Target
5caa24f4bc344f0f0160126ce2beb007_JaffaCakes118.exe
-
Size
749KB
-
MD5
5caa24f4bc344f0f0160126ce2beb007
-
SHA1
590a87dff1ddedc4a18efc104853c06d91409a09
-
SHA256
d520f90d559727ca1e2ef9aecc3af6a6b7537ddb0f30ab3e52025313dd71f6f6
-
SHA512
852374a925291d6e5fb7a2ede5f335efb0185e1474590f74eda2707795bd80bbad61b2959c03a3658974fcc0e6c5260dcc3e40de378af2237171c82a0b899c1c
-
SSDEEP
12288:K8KbyYgzl6QzKUdM48wvZ8zuQ3Msy96dMJYHiCThnuMepF:KXy9tzKUd58mZ8zl3Msy96dMJyi8hnp4
Score
6/10
Malware Config
Signatures
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies Internet Explorer settings 1 TTPs 3 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5caa24f4bc344f0f0160126ce2beb007_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\5caa24f4bc344f0f0160126ce2beb007_JaffaCakes118.exe"1⤵
- Checks whether UAC is enabled
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx