b153318389bb02dc1288c07713b5f81a7a52b57787ab2f520101514c23a1107d

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
22-07-2024 19:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

64757af0d4474bdfeb18cab584cae084_JaffaCakes118.exe
Size

180KB
MD5

64757af0d4474bdfeb18cab584cae084
SHA1

1945b47f70e268d027a629f03a4d98931c69822c
SHA256

b153318389bb02dc1288c07713b5f81a7a52b57787ab2f520101514c23a1107d
SHA512

38de716dfcbe59c0abbe3ccf70fe3a54b9a7db87a93a5c5836b479c079979009b787de5b1833c6adad29d655fc0da486ae69fdec9b2a0e97b97ed634cdb923e2
SSDEEP

3072:TTweKloQSrkKgRENEI5apGTwQqVMTW0higMVib4UjIsX:T

Score

6^/10

Malware Config

Signatures

Maps connected drives based on registry 3 TTPs 2 IoCs

Disk information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum	64757af0d4474bdfeb18cab584cae084_JaffaCakes118.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\Disk\Enum\0	64757af0d4474bdfeb18cab584cae084_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2660	64757af0d4474bdfeb18cab584cae084_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\64757af0d4474bdfeb18cab584cae084_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\64757af0d4474bdfeb18cab584cae084_JaffaCakes118.exe"
1⤵
- Maps connected drives based on registry
- Suspicious use of SetWindowsHookEx
PID:2660

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads