7546ba2d00688db89726e734efba35180198a9a1dd3c9607504bb19008823ad1

General

Target

632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe
Size

428KB
MD5

632c5b173f67deed6dba88f66e58bd2d
SHA1

249dc9a6e5907a8916d4be51421a2baec731e3ed
SHA256

7546ba2d00688db89726e734efba35180198a9a1dd3c9607504bb19008823ad1
SHA512

a5642ca93cda3fb39c94a5d3123be2f986048db02b4eeab3e6275147cb250e73ee8283d6c52c839341170edb4a6b9171335f841c264bc07304c97066c3c23e51
SSDEEP

6144:lSPbEtsS/454x4ihdBCkWYxuukP1pjSKSNVkq/MVJbExyjkyLC03r2BS:8z2TBd47GLRMTbyynLD72BS

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\PCGWIN32.LI5	632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\{5EEF5F4A-C88F170D-C2C70096-E59A1999}	632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\{5EEF5F4A-C88F170D-C2C70096-E59A1999}\ = 852d764d560ec6cfefe5a74cc9a7fb42f627f2f24e0644f351416c28a539700c7fbb0a31a738bd0dc8785a71aff4fa7c8ef6bbf3894927bcc289c6c3b2517990c8d4ded3eb11e1af3f1a8a29e6248d80c7d902971152d0d1d7d7dde26b30418c1819ad6c647871730476cdcd2738a2c9ee80a56e9364e91d38d40953a68ee78f3d963492826e115b24562dd3bb2e36053decf4073d828820e30db164fc8ff4c5d853075eb21578af35bab0884b241ec3ebd92197b76272a1f7e4fdaec8a53e5375e90c403a3f3735827cd6779db2abc0468d8de764ede1e447f2324e017a580f6ddab8170e52db2769f2384f0f7a5a4f6f45baecc9c663bc5675138056c99387a15247e742b22fb885f4903d90c8d2f9d7cf6d65d8809588af64a5bd3f374a8d01b824cadd461443ef2e9a7b56b69dc35779227087f89d4dd4245ed16bd3c1a9345c7f950a2c19591710a2656ebc44f6f342399f0bd5feec0a2487b23d49081c7957ccd2e42140e8a9bde3379e32aa066783f229881cd969139cdea8aa7df9480f5afae9c8dbe0913550fc93c916db6d5104a83f440aec86a5c3af917a9c896a6487336dce04dad356265cdd696b80061443d1966762323f074a429f5755a210f75dbd94c89cdae9d01bea110790f214cf1d8517f052c26f00c5bb30094d18642ed35b616ec3dade2f6a3af94f779a72eff98577b332ce37c4420d89a4833e31754c0c3b67369233d9beab4be60622dd592bd0a12e940456acf61be90cfd5179468f233dd97715becb303fb20321073a9d1057ae2ce79094161d3bd23a908f9285bb372c821b766ef3fa89379f72ea31dec06a09bf58f52fc03a04f1be5f0bde7e6a74478d123b6776b27dffb475037ca6f47c4d0b38860c535b66562d9d98eb968692d22e198568e3c0be098a04987116bc93c9998797bd1dc8683addcf6ba55edc2b287ec38b8999e42c6299af93a5a92fdcfa16ceed7abb8ff6a5027f374a82070e9d04e8c39ef155b0d0f4ee3fc54a2fc6a5d36c91fbd0f11e8c2a1ad9efd3a5ae2fc45ad21717d2a216f753cd2e1b1baeeefa7af6310d30e436df73958e139b56e9ed5b475632233fa1cafc384acbe681bd60f77372f6f1fcff898a071ed255d0e066565c6355366073efb6e5fcdc4a1667a2326fb6fafd8f4b45a69c5c54d6e06d41e40c8cdba7e95d6794b26e4805e6b063f0f67bb28ef9a4371132a47facf5a4fce18a1f38ea49fed8f4173fd28a50e11f936ad6e72c1d7be8f6820c7165446ce1b9383333beb6f53cffcbf599c31006d5c3df8eaa1a38e9f383891907143223398e8c653860f5357f8c0a84c782fd08b45d4e14852d1f24957f508a2778520fe75a0291315b846e73057e83cbc6d94cecc61afd694bc4a6029307e1524f9f9ad596a012eeaf3ba576afcc05fb6089d91f532a6679c3f31906687d197428cd25075002a7776dcd18f8ad4878e50963c41e3215f7e04d7e38f50f433a4e89fb07313200474d82dbf8168b53d96e28e5452fd33ae6494ce785e2a080de3c2b497ee40b3f660a6ce7a7122da1581b1316216368b667bc924ae067b562f3d936d733d2f6d0c350d16a2b19dee8ea39f8700f77fab2b136fb830ec1e5e7c0e2a0fe3a0a49f9fccf749a7de8f4e63cfd0b3786bddc74a9339b466ee3fb2eb105bc80881a2629dd00ab5939500ce7674ddd38e8cd6018ebab412110746b3386015c706983586ea97b384977a40232777f824aee87bb02c95920103f1d8a6818412ff47a7ccef6e5f3a38919071012235faeaa24c011565893eee9259840ae717bbcb60a73c1064b9c2697cd9dfbeb4efe65345071af0805659c60a86f9f4515dc6c143bef36a50c50476542c081fe2fb5da33a9f6c78c32593fa84a61872c8de778edb7870202a7c98ddbf8560a63473e02b5714f483a678f6de5c4b0008c167bd3ced9a4a8cdf847cccdc7f82db287cf02e5390fc8fa3dce74bb3dc9f4ff71ca30e0083c19f7acfdf8b4b1328b075e62d5c99fffea8a2618dd6feb3a9ef1140c1d87171d52d4a15cb45402637146fc93082e1e5beb69e198d3522657fd128851e6a043e1ceafa4daa3ee7904cfd37a91c9dcbb548ed09aed2e7bbaf6897ca70bdd1ed42a2e419a9c2f553a10cf57fa928e6f041a4da9f89f7095416c289b4111ac9884941350a65f9c2aaa4721a2a888841be1960fa25a9e171552a05faaaab8410b60de4aabc119fb14896d00842faeda5b2f6e5a1b17aed2da2769429c6f94ba51cf5c8515dc50e86a029fd755ad2c24870fadda582f6b5a1e57ab92c12648839fe995c310e6d5e2e348965c6269b15cff978a129861530cae075b42ee4fa4baafc94563907e10f4eb3f9e4a143fe30ac1e79b3d168b2d663823887e1bcb2e412560dc3b1476a24d4f841a0da964a73d7d48b45ec26b915e5f95aa201e7355492040367f3dca8821261443e146c8a39e5e2a155f602a85ff5035237cb677bc8274d043644ea3e581ff0f8a7a18c9e943a31e315570e00566fc53362643730eb6c5cc3f668a731ece15642f1d7ad4b713b2d6fead4a7b478ed2446e1305ee0cfa4749629ce994632f06fac3f60ebdfb3749f2e0867a327131c3482e9f45d53c6f375a0d11b864769d7cd4f5600f7f250ad05fdaaa91862b1c5ee915dfec5505909c54d5d2ef6f251aace9c4e79f4dd598e3521e17d5d290d6daad295b18ee6dfae4f63e0d3564b0eec83b9b4e69459cdc1654ac2f47da22ee6fbbba0949fc44881d479462ded16b10c61ba2eec1db03e9fe1ff4aa8d261bfd6e48253fc0ca1d1e54d523631e06d5336f0e1a7b294edcfb6a711fc76ac29f5055e55cbc15486040bd0d8b985e69555c5fd5ea2000190a90bf63757e30f5f3fff98a4c5e45ab50396070bb0571330c066583acf146804394565fddea14402f29badc772b72c63f8d8a678092582051b750f2dfb0d5f99ccb68d9ddebeb66995d101415d3ec11f994cbee619ba89184ab1e19eb50b9ef0b45461c131716e223689e1d55146c11fb50c95bbcee487a9dc8d7dfd2952823671e12155fa06a0e8705322cb9854f701a455700929560631f166ad3a7266ddd18579112a75fa2aa36608d07f882cc5f1a6a9119d7d4a212d66f2d1a44171d2254699da4abbe59cb9019ec2bc7de5d2ae8995ad317a652ecaf27857203fe9e35aa0c7e5b8beec124b44f823aa6f11333e67e933551c0677e1235af3c857760b29176e073b44671cdb0fb3f8e4a3a58f7958d2f44857d4cc8391b742ef3c536c0f38e8e1a4451b32c31f9c44b7f3e4acb471e4dd5f863343e000bc3fed93490b2ea091964142ded78044853796648e3c121d768a23b40cef77a8d379bf2d631dcc0566e9ddb97a9e24408bd4137ecb2f88672acc7658ddc44567d1df4d43ddef4557c90f5677fd24a50feea35df7c9509e02024fd304bcb3ed94ba8e63a527711c22466f35d71ebc81e5a6b6f7efa8b7039f8b489f0878362e9b900332fbe9a8a10a6257320fe8bb439f1cc4364965c6257d66253e7d6cddce4a92ce386d90dec781a72968f2d253883f586fcac8ac4dfcfd525e37c3e097564007d4db4670f42baafb625b2e0c146f75c02695140189f2d6a44396188d4402c547bed0ee705dd3c14495d80	632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\{5EEF5F4A-C88F170D-C2C70096-E59A1999}\ = 039eab1d560ec6cfefe5a74cc9a7fb42f627f2f24e0644f351416c28a539700c7fbb0a31a738bd0dc8785a71aff4fa7c8ef6bbf3894927bcc289c6c3b2517990c8d4ded3eb11e1af3f1a8a29e6248d80c7d902971152d0d1d7d7dde26b30418c1819ad6c647871730476cdcd2738a2c9ee80a56e9364e91d38d40953a68ee78f3d963492826e115b24562dd3bb2e36053decf4073d828820e30db164fc8ff4c5d853075eb21578af35bab0884b241ec3ebd92197b76272a1f7e4fdaec8a53e5375e90c403a3f3735827cd6779db2abc0468d8de764ede1e447f2324e017a580f6ddab8170e52db2769f2384f0f7a5a4f6f45baecc9c663bc5675138056c99387a15247e742b22fb885f4903d90c8d2f9d7cf6d65d8809588af64a5bd3f374a8d01b824cadd461443ef2e9a7b56b69dc35779227087f89d4dd4245ed16bd3c1a9345c7f950a2c19591710a2656ebc44f6f342399f0bd5feec0a2487b23d49081c7957ccd2e42140e8a9bde3379e32aa066783f229881cd969139cdea8aa7df9480f5afae9c8dbe0913550fc93c916db6d5104a83f440aec86a5c3af917a9c896a6487336dce04dad356265cdd696b80061443d1966762323f074a429f5755a210f75dbd94c89cdae9d01bea110790f214cf1d8517f052c26f00c5bb30094d18642ed35b616ec3dade2f6a3af94f779a72eff98577b332ce37c4420d89a4833e31754c0c3b67369233d9beab4be60622dd592bd0a12e447854acf61be90cfd5179468f233dd97715becb303fb20321073a9d1057ae2ce79094161d3bd23a908f9285bb372c821b766ef3fa89379f72ea31dec06a09bf58f52fc03a04f1be5f0bde7e6a74478d123b6776b27dffb475037ca6f47c4d0b38860c535b66562d9d98eb968692d22e198568e3c0be098a04987116bc93c9998797bd1dc8683addcf6ba55edc2b287ec38b8999e42c6299af93a5a92fdcfa16ceed7abb8ff6a5027f374a82070e9d04e8c39ef155b0d0f4ee3fc54a2fc6a5d36c91fbd0f11e8c2a1ad9efd3a5ae2fc45ad21717d2a216f753cd2e1b1baeeefa7af6310d30e436df73958e139b56e9ed5b475632233fa1cafc384acbe681bd60f77372f6f1fcff898a071ed255d0e066565c6355366073efb6e5fcdc4a1667a2326fb6fafd8f4b45a69c5c54d6e06d41e40c8cdba7e95d6794b26e4805e6b063f0f67bb28ef9a4371132a47facf5a4fce18a1f38ea49fed8f4173fd28a50e11f936ad6e72c1d7be8f6820c7165446ce1b9383333beb6f53cffcbf599c31006d5c3df8eaa1a38e9f383891907143223398e8c653860f5357f8c0a84c782fd08b45d4e14852d1f24957f508a2778520fe75a0291315b846e73057e83cbc6d94cecc61afd694bc4a6029307e1524f9f9ad596a012eeaf3ba576afcc05fb6089d91f532a6679c3f31906687d197428cd25075002a7776dcd18f8ad4878e50963c41e3215f7e04d7e38f50f433a4e89fb07313200474d82dbf8168b53d96e28e5452fd33ae6494ce785e2a080de3c2b497ee40b3f660a6ce7a7122da1581b1316216368b667bc924ae067b562f3d936d733d2f6d0c350d16a2b19dee8ea39f8700f77fab2b136fb830ec1e5e7c0e2a0fe3a0a49f9fccf749a7de8f4e63cfd0b3786bddc74a9339b466ee3fb2eb105bc80881a2629dd00ab5939500ce7674ddd38e8cd6018ebab412110746b3386015c706983586ea97b384977a40232777f824aee87bb02c95920103f1d8a6818412ff47a7ccef6e5f3a38919071012235faeaa24c011565893eee9259840ae717bbcb60a73c1064b9c2697cd9dfbeb4efe65345071af0805659c60a86f9f4515dc6c143bef36a50c50476542c081fe2fb5da33a9f6c78c32593fa84a61872c8de778edb7870202a7c98ddbf8560a63473e02b5714f483a678f6de5c4b0008c167bd3ced9a4a8cdf847cccdc7f82db287cf02e5390fc8fa3dce74bb3dc9f4ff71ca30e0083c19f7acfdf8b4b1328b075e62d5c99fffea8a2618dd6feb3a9ef1140c1d87171d52d4a15cb45402637146fc93082e1e5beb69e198d3522657fd128851e6a043e1ceafa4daa3ee7904cfd37a91c9dcbb548ed09aed2e7bbaf6897ca70bdd1ed42a2e419a9c2f553a10cf57fa928e6f041a4da9f89f7095416c289b4111ac9884941350a65f9c2aaa4721a2a888841be1960fa25a9e171552a05faaaab8410b60de4aabc119fb14896d00842faeda5b2f6e5a1b17aed2da2769429c6f94ba51cf5c8515dc50e86a029fd755ad2c24870fadda582f6b5a1e57ab92c12648839fe995c310e6d5e2e348965c6269b15cff978a129861530cae075b42ee4fa4baafc94563907e10f4eb3f9e4a143fe30ac1e79b3d168b2d663823887e1bcb2e412560dc3b1476a24d4f841a0da964a73d7d48b45ec26b915e5f95aa201e7355492040367f3dca8821261443e146c8a39e5e2a155f602a85ff5035237cb677bc8274d043644ea3e581ff0f8a7a18c9e943a31e315570e00566fc53362643730eb6c5cc3f668a731ece15642f1d7ad4b713b2d6fead4a7b478ed2446e1305ee0cfa4749629ce994632f06fac3f60ebdfb3749f2e0867a327131c3482e9f45d53c6f375a0d11b864769d7cd4f5600f7f250ad05fdaaa91862b1c5ee915dfec5505909c54d5d2ef6f251aace9c4e79f4dd598e3521e17d5d290d6daad295b18ee6dfae4f63e0d3564b0eec83b9b4e69459cdc1654ac2f47da22ee6fbbba0949fc44881d479462ded16b10c61ba2eec1db03e9fe1ff4aa8d261bfd6e48253fc0ca1d1e54d523631e06d5336f0e1a7b294edcfb6a711fc76ac29f5055e55cbc15486040bd0d8b985e69555c5fd5ea2000190a90bf63757e30f5f3fff98a4c5e45ab50396070bb0571330c066583acf146804394565fddea14402f29badc772b72c63f8d8a678092582051b750f2dfb0d5f99ccb68d9ddebeb66995d101415d3ec11f994cbee619ba89184ab1e19eb50b9ef0b45461c131716e223689e1d55146c11fb50c95bbcee487a9dc8d7dfd2952823671e12155fa06a0e8705322cb9854f701a455700929560631f166ad3a7266ddd18579112a75fa2aa36608d07f882cc5f1a6a9119d7d4a212d66f2d1a44171d2254699da4abbe59cb9019ec2bc7de5d2ae8995ad317a652ecaf27857203fe9e35aa0c7e5b8beec124b44f823aa6f11333e67e933551c0677e1235af3c857760b29176e073b44671cdb0fb3f8e4a3a58f7958d2f44857d4cc8391b742ef3c536c0f38e8e1a4451b32c31f9c44b7f3e4acb471e4dd5f863343e000bc3fed93490b2ea091964142ded78044853796648e3c121d768a23b40cef77a8d379bf2d631dcc0566e9ddb97a9e24408bd4137ecb2f88672acc7658ddc44567d1df4d43ddef4557c90f5677fd24a50feea35df7c9509e02024fd304bcb3ed94ba8e63a527711c22466f35d71ebc81e5a6b6f7efa8b7039f8b489f0878362e9b900332fbe9a8a10a6257320fe8bb439f1cc4364965c6257d66253e7d6cddce4a92ce386d90dec781a72968f2d253883f586fcac8ac4dfcfd525e37c3e097564007d4db4670f42baafb625b2e0c146f75c02695140189f2d6a44396188d4402c547bed0ee705dd3c14495d80	632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\{5EEF5F4A-C88F170D-C2C70096-E59A1999}\ = 45c1c646560ec6cfefe5a74cc9a7fb42f627f2f24e0644f351416c28a539700c7fbb0a31a738bd0dc8785a71aff4fa7c8ef6bbf3894927bcc289c6c3b2517990c8d4ded3eb11e1af3f1a8a29e6248d80c7d902971152d0d1d7d7dde26b30418c1819ad6c647871730476cdcd2738a2c9ee80a56e9364e91d38d40953a68ee78f3d963492826e115b24562dd3bb2e36053decf4073d828820e30db164fc8ff4c5df53075eb21578af35bab0884b241ec3ebd92197b76272a1f7e4fdaec8a53e5375e90c403a3f3735827cd6779db2abc0468d8de764ede1e447f2324e017a580f6ddab8170e52db2769f2384f0f7a5a4f6f45baecc9c663bc5675138056c99387a15247e742b22fb885f4903d90c8d2f9d7cf6d65d8809588af64a5bd3f374a8d01b824cadd461443ef2e9a7b56b69dc35779227087f89d4dd4245ed16bd3c1a9345c7f950a2c19591710a2656ebc44f6f342399f0bd5feec0a2487b23d49081c7957ccd2e42140e8a9bde3379e32aa066783f229881cd969139cdea8aa7df9480f5afae9c8dbe0913550fc93c916db6d5104a83f440aec86a5c3af917a9c896a6487336dce04dad356265cdd696b80061443d1966762323f074a429f5755a210f75dbd94c89cdae9d01bea110790f214cf1d8517f052c26f00c5bb30094d18642ed35b616ec3dade2f6a3af94f779a72eff98577b332ce37c4420d89a4833e31754c0c3b67369233d9beab4be60622dd592bd0a12e94f754acf61be90cfd5179468f233dd97715becb303fb20321073a9d1057ae2ce79094161d3bd23a908f9285bb372c821b766ef3fa89379f72ea31dec06a09bf58f52fc03a04f1be5f0bde7e6a74478d123b6776b27dffb475037ca6f47c4d0b38860c535b66562d9d98eb968692d22e198568e3c0be098a04987116bc93c9998797bd1dc8683addcf6ba55edc2b287ec38b8999e42c6299af93a5a92fdcfa16ceed7abb8ff6a5027f374a82070e9d04e8c39ef155b0d0f4ee3fc54a2fc6a5d36c91fbd0f11e8c2a1ad9efd3a5ae2fc45ad21717d2a216f753cd2e1b1baeeefa7af6310d30e436df73958e139b56e9ed5b475632233fa1cafc384acbe681bd60f77372f6f1fcff898a071ed255d0e066565c6355366073efb6e5fcdc4a1667a2326fb6fafd8f4b45a69c5c54d6e06d41e40c8cdba7e95d6794b26e4805e6b063f0f67bb28ef9a4371132a47facf5a4fce18a1f38ea49fed8f4173fd28a50e11f936ad6e72c1d7be8f6820c7165446ce1b9383333beb6f53cffcbf599c31006d5c3df8eaa1a38e9f383891907143223398e8c653860f5357f8c0a84c782fd08b45d4e14852d1f24957f508a2778520fe75a0291315b846e73057e83cbc6d94cecc61afd694bc4a6029307e1524f9f9ad596a012eeaf3ba576afcc05fb6089d91f532a6679c3f31906687d197428cd25075002a7776dcd18f8ad4878e50963c41e3215f7e04d7e38f50f433a4e89fb07313200474d82dbf8168b53d96e28e5452fd33ae6494ce785e2a080de3c2b497ee40b3f660a6ce7a7122da1581b1316216368b667bc924ae067b562f3d936d733d2f6d0c350d16a2b19dee8ea39f8700f77fab2b136fb830ec1e5e7c0e2a0fe3a0a49f9fccf749a7de8f4e63cfd0b3786bddc74a9339b466ee3fb2eb105bc80881a2629dd00ab5939500ce7674ddd38e8cd6018ebab412110746b3386015c706983586ea97b384977a40232777f824aee87bb02c95920103f1d8a6818412ff47a7ccef6e5f3a38919071012235faeaa24c011565893eee9259840ae717bbcb60a73c1064b9c2697cd9dfbeb4efe65345071af0805659c60a86f9f4515dc6c143bef36a50c50476542c081fe2fb5da33a9f6c78c32593fa84a61872c8de778edb7870202a7c98ddbf8560a63473e02b5714f483a678f6de5c4b0008c167bd3ced9a4a8cdf847cccdc7f82db287cf02e5390fc8fa3dce74bb3dc9f4ff71ca30e0083c19f7acfdf8b4b1328b075e62d5c99fffea8a2618dd6feb3a9ef1140c1d87171d52d4a15cb45402637146fc93082e1e5beb69e198d3522657fd128851e6a043e1ceafa4daa3ee7904cfd37a91c9dcbb548ed09aed2e7bbaf6897ca70bdd1ed42a2e419a9c2f553a10cf57fa928e6f041a4da9f89f7095416c289b4111ac9884941350a65f9c2aaa4721a2a888841be1960fa25a9e171552a05faaaab8410b60de4aabc119fb14896d00842faeda5b2f6e5a1b17aed2da2769429c6f94ba51cf5c8515dc50e86a029fd755ad2c24870fadda582f6b5a1e57ab92c12648839fe995c310e6d5e2e348965c6269b15cff978a129861530cae075b42ee4fa4baafc94563907e10f4eb3f9e4a143fe30ac1e79b3d168b2d663823887e1bcb2e412560dc3b1476a24d4f841a0da964a73d7d48b45ec26b915e5f95aa201e7355492040367f3dca8821261443e146c8a39e5e2a155f602a85ff5035237cb677bc8274d043644ea3e581ff0f8a7a18c9e943a31e315570e00566fc53362643730eb6c5cc3f668a731ece15642f1d7ad4b713b2d6fead4a7b478ed2446e1305ee0cfa4749629ce994632f06fac3f60ebdfb3749f2e0867a327131c3482e9f45d53c6f375a0d11b864769d7cd4f5600f7f250ad05fdaaa91862b1c5ee915dfec5505909c54d5d2ef6f251aace9c4e79f4dd598e3521e17d5d290d6daad295b18ee6dfae4f63e0d3564b0eec83b9b4e69459cdc1654ac2f47da22ee6fbbba0949fc44881d479462ded16b10c61ba2eec1db03e9fe1ff4aa8d261bfd6e48253fc0ca1d1e54d523631e06d5336f0e1a7b294edcfb6a711fc76ac29f5055e55cbc15486040bd0d8b985e69555c5fd5ea2000190a90bf63757e30f5f3fff98a4c5e45ab50396070bb0571330c066583acf146804394565fddea14402f29badc772b72c63f8d8a678092582051b750f2dfb0d5f99ccb68d9ddebeb66995d101415d3ec11f994cbee619ba89184ab1e19eb50b9ef0b45461c131716e223689e1d55146c11fb50c95bbcee487a9dc8d7dfd2952823671e12155fa06a0e8705322cb9854f701a455700929560631f166ad3a7266ddd18579112a75fa2aa36608d07f882cc5f1a6a9119d7d4a212d66f2d1a44171d2254699da4abbe59cb9019ec2bc7de5d2ae8995ad317a652ecaf27857203fe9e35aa0c7e5b8beec124b44f823aa6f11333e67e933551c0677e1235af3c857760b29176e073b44671cdb0fb3f8e4a3a58f7958d2f44857d4cc8391b742ef3c536c0f38e8e1a4451b32c31f9c44b7f3e4acb471e4dd5f863343e000bc3fed93490b2ea091964142ded78044853796648e3c121d768a23b40cef77a8d379bf2d631dcc0566e9ddb97a9e24408bd4137ecb2f88672acc7658ddc44567d1df4d43ddef4557c90f5677fd24a50feea35df7c9509e02024fd304bcb3ed94ba8e63a527711c22466f35d71ebc81e5a6b6f7efa8b7039f8b489f0878362e9b900332fbe9a8a10a6257320fe8bb439f1cc4364965c6257d66253e7d6cddce4a92ce386d90dec781a72968f2d253883f586fcac8ac4dfcfd525e37c3e097564007d4db4670f42baafb625b2e0c146f75c02695140189f2d6a44396188d4402c547bed0ee705dd3c14495d80	632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\632c5b173f67deed6dba88f66e58bd2d_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\PCGWIN32.LI5

Filesize
2KB

MD5
c9afb3856adc846e91ef53ddadc22e7d

SHA1
d2bb3ee9a08855a8a5e8385c953bf18b756bd060

SHA256
c25b077e9363acf61c7aa439fd5142b1feb8b4401db5ab10c5a254795fdceb6f

SHA512
29ea8bd12a32a8b6017718de27767bce3dff829bcb82a733bc3a36991528c29a565cf8daebef069fbb083968d84e6f576b427290f182a21757c19e6c58169208

Download Submit
memory/296-0-0x0000000000400000-0x0000000000472000-memory.dmp

Filesize
456KB

Download
memory/296-12-0x0000000000416000-0x0000000000472000-memory.dmp

Filesize
368KB

Download
memory/296-13-0x0000000000400000-0x0000000000472000-memory.dmp

Filesize
456KB

Download
memory/296-14-0x0000000000416000-0x0000000000472000-memory.dmp

Filesize
368KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads