Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    22/07/2024, 00:04

General

  • Target

    61fa05f6feefce92ebe5255e5337769e_JaffaCakes118.exe

  • Size

    741KB

  • MD5

    61fa05f6feefce92ebe5255e5337769e

  • SHA1

    018d2eabb5a0cc030ae8a745f2158000535b4cd6

  • SHA256

    70ece4a4e8bf7e1065dcad684bbc10f4ed91c6139ebea4b6b40c1dc3343bde26

  • SHA512

    69f0979e29f62ed871a39311ed1d35aa666bb9bf3a94bd76ac905c9eb006dd3eb94c12efa3ec1a5c0098ade24743cf01cb02a087a211f9e5e2891c20ef13f094

  • SSDEEP

    12288:TRyTY+2U4uan/8RdW5A0zyxuJwQ5oAlK+Gx/vZuIkAbQQ52LYRg08y5rDRj:t6iU4ucwdW5A2RJr/k3/vcIkA33P

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61fa05f6feefce92ebe5255e5337769e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\61fa05f6feefce92ebe5255e5337769e_JaffaCakes118.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2724

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/2724-3-0x0000000000400000-0x00000000004C2000-memory.dmp

          Filesize

          776KB

        • memory/2724-1-0x0000000000270000-0x0000000000271000-memory.dmp

          Filesize

          4KB

        • memory/2724-0-0x0000000000400000-0x00000000004C2000-memory.dmp

          Filesize

          776KB