14fbb65fbccc1a461adf5911da07ae765e3c1da87d1b2f61616bc96f7c8182ef

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
22-07-2024 13:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

634def6fa1358414f8a1ffbe87c30cc1_JaffaCakes118.exe
Size

111KB
MD5

634def6fa1358414f8a1ffbe87c30cc1
SHA1

a70641236dccf56407ecde811b0a0e97b3040846
SHA256

14fbb65fbccc1a461adf5911da07ae765e3c1da87d1b2f61616bc96f7c8182ef
SHA512

5ba081d03d32ad169de6574855535f6d267b53d514e2a77845f1ddda697c46f9b8ddbadfb8e7256f8f5a10a657e9730186911a39526d1197de2709eface65dfa
SSDEEP

3072:e9FHb49mg2EACg1zmL1UNYeDNfNwjOq0Vwqzbqy:eA9mKAXvN7Nf6OXWqzbq

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2468	634def6fa1358414f8a1ffbe87c30cc1_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3020	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3020	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\634def6fa1358414f8a1ffbe87c30cc1_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\634def6fa1358414f8a1ffbe87c30cc1_JaffaCakes118.exe"
1⤵
- Loads dropped DLL
PID:2468

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4ec 0x4b8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\BASSMOD.dll

Filesize
36KB

MD5
120dd40cacea40e432c5ff09c76f0b4a

SHA1
8ff8fa62af1a2982fafa16fe1868eee99702f3ba

SHA256
6f5e781d0ad7f9c18e5e045cf5fedb8c47a92cd4955bf73fa2874dcd736b39b4

SHA512
82c0d4aee85895dff758913c20e888cdfe48314d0681221d717ca4676baff9abab0c76a349899ffc108e23f61a43210973a1c1cd99e3f6457085f78c946acc68

Download Submit
memory/2468-4-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-6-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-8-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-9-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-10-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-11-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-12-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-13-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-14-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-15-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-16-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-17-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2468-18-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads