Analysis
max time kernel: 150s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 28-07-2024 18:22
Behavioral task
behavioral1
Sample
1c2061f1dc5aa415ec1f8ff687223a5d_JaffaCakes118.exe
Resource
win7-20240729-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
1c2061f1dc5aa415ec1f8ff687223a5d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
2 signatures
150 seconds
General
Target: 1c2061f1dc5aa415ec1f8ff687223a5d_JaffaCakes118.exe
Size: 16KB
MD5: 1c2061f1dc5aa415ec1f8ff687223a5d
SHA1: 8dfa1fc3f730c58c6c5c69466134457a8c523441
SHA256: 4e41cb05ea8dcee1742ed87963fd50d200216f9c785f185f27b75978db49fc58
SHA512: ea70a13d7623a274d3ef6cb58178bd976eeb07307c5feb7358cd6e6223e63e65da35df312ecf79444baf24440b886683f6862f6822f3b3b44294da6a70a3b058
SSDEEP: 384:HZilPqtlJES8uj9IxJAd3pNcClb5svkdyW5Ct:HZilPqtlFfuL63pNrNo
Score
6/10
Malware Config
Signatures
Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 3 IoCs)
Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes:
1c2061f1dc5aa415ec1f8ff687223a5d_JaffaCakes118.exe
description: Token: SeDebugPrivilege
pid: 4732
process: 1c2061f1dc5aa415ec1f8ff687223a5d_JaffaCakes118.exe