b3aca9451a030104d0547d531b3bfcf90de270d900126c6e4d098644819cefda | Triage

Submit
Reports

Overview

overview

5

Static

static

5

5ee5121f49...18.exe

windows7-x64

3

5ee5121f49...18.exe

windows10-2004-x64

3

Analysis

max time kernel
135s
max time network
136s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
20/07/2024, 03:40

Sharing

Copy URL Twitter E-mail

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5ee5121f49c163b1da1d4bba3c94b7ea_JaffaCakes118.exe

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

5ee5121f49c163b1da1d4bba3c94b7ea_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

5ee5121f49c163b1da1d4bba3c94b7ea_JaffaCakes118.exe
Size

2.6MB
MD5

5ee5121f49c163b1da1d4bba3c94b7ea
SHA1

3d9195274b0996b0dc8e3fbafc956817e15a54e5
SHA256

b3aca9451a030104d0547d531b3bfcf90de270d900126c6e4d098644819cefda
SHA512

367abfcf47d92f41ce714e99b0bf56fbf39c946161ab3cd48409a17d091fc416d878be87b8614a25bc7727626a1c8fabf991d43e9644c7c252322e6ab35d8f00
SSDEEP

49152:mJZoQrbTFZY1iaHmbOCyNOqHKhWiOW5PMHZBaOoZyqh6k6PvQ/2RSuVc1:mtrbTA1LOpyNOcKMm5CHMyw8P4ORSIg

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\5ee5121f49c163b1da1d4bba3c94b7ea_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\5ee5121f49c163b1da1d4bba3c94b7ea_JaffaCakes118.exe"
1⤵
PID:1856

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1856-3-0x0000000000C20000-0x0000000001020000-memory.dmp

Filesize
4.0MB

Download
memory/1856-4-0x0000000000C20000-0x0000000001020000-memory.dmp

Filesize
4.0MB

Download
memory/1856-7-0x0000000000C20000-0x0000000001020000-memory.dmp

Filesize
4.0MB

Download
memory/1856-8-0x0000000000C20000-0x0000000001020000-memory.dmp

Filesize
4.0MB

Download

© 2018-2025

Terms | Privacy