cdcbcd7bc361b6b21234107a36d79d6cdccf973030b058208eb3d686c48518a2

Analysis

max time kernel
149s
max time network
167s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
22-07-2024 01:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Size

351KB
MD5

62359b4e7286f20e265413e6c126ede7
SHA1

1fc05e5732ccde025a25e7ead6173a4ee000d16b
SHA256

cdcbcd7bc361b6b21234107a36d79d6cdccf973030b058208eb3d686c48518a2
SHA512

bb9a263cdf4b374b5f1bff5b0df94c79d05036f51fdc3df9c1c84411844dadcf9d70245766c55e66e2a8a941c687b8225010162ee6a1b6792e577539ce4069be
SSDEEP

6144:uP1SCxJR35b97Ln2NNdsN1+7ha9ghnGfdu6n+aCyIK3ccnMxj9T:piR3H2TdgkAyITW1K3DnsJT

Score

1^/10

Malware Config

Signatures

Modifies registry class 38 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\Version\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\InprocServer32\ = "C:\\Windows\\SysWOW64\\imapi2.dll"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\win32\ = "C:\\Windows\\SysWOW64\\mshtml.tlb"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\TypeLib\ = "{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\ = "Qikam Class"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\ProgID\ = "IMAPI2.MsftDiscFormat2Erase.1"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\win64\ = "C:\\Windows\\SysWow64\\mshtml.tlb"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\TypeLib\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\win32	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\win64\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\InprocServer32	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\InprocServer32\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\ProgID	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\Programmable	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\FLAGS\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\FLAGS\ = "0"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\VersionIndependentProgID	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\VersionIndependentProgID\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\VersionIndependentProgID\ = "IMAPI2.MsftDiscFormat2Erase"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.key\ = "regfile"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\FLAGS	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\TypeLib	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\Version	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.key\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\ProgID\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\ = "Microsoft HTML Object Library"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\win32\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{5E5EDE0C-75D5-3F40-9CCF-0E2A46ECFE00}\4.0\0\win64	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\Programmable\	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9429E6A2-182B-4E4C-AD83-64EE103C1EA9}\Version\ = "1.0"	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.key	62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\62359b4e7286f20e265413e6c126ede7_JaffaCakes118.exe"
1⤵
- Modifies registry class
PID:3316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3316-0-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-1-0x0000000000A88000-0x0000000000A89000-memory.dmp

Filesize
4KB

Download
memory/3316-2-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-3-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-4-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-5-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-6-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-7-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-8-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-9-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-10-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-11-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-12-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-13-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-14-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-15-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-16-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-17-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-18-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-20-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-19-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-21-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-22-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-23-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-24-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-25-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-26-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-27-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-28-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-29-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-33-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-34-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-32-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-35-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-36-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-38-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-40-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-39-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-41-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download
memory/3316-42-0x0000000000400000-0x0000000000AE3000-memory.dmp

Filesize
6.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads