Analysis
max time kernel
136s
max time network
142s
platform
windows7_x64
resource
win7-20240704-en
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
submitted
29-07-2024 11:30
Behavioral task
behavioral1
Sample
43aa68d644e46c7b67071b2027c737f9_JaffaCakes118.exe
Resource
win7-20240704-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
43aa68d644e46c7b67071b2027c737f9_JaffaCakes118.exe
Resource
win10v2004-20240709-en
2 signatures
150 seconds
General
Target
43aa68d644e46c7b67071b2027c737f9_JaffaCakes118.exe
Size
16KB
MD5
43aa68d644e46c7b67071b2027c737f9
SHA1
75705c5a84699ac1ce8247659060898fc044153f
SHA256
6c7b41c48ec91a1d533b4a8ce8837cc5f9326842441c44ecd7400f662bdde16d
SHA512
ef3c97cd738ce9443f6f34c84bbb24d1ebdac33047f8879d880870d308103ecb4929adf2c63d97368b3497ca0497b9f851aceb8f3f9a95d28eef6eb8230f0c02
SSDEEP
384:OZilPqtlJES8uj9vxJAd3pNcClb5s8dXihym5Ct:OZilPqtlFfFL63pNrLwo
Score
6/10
Malware Config
Signatures
Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
43aa68d644e46c7b67071b2027c737f9_JaffaCakes118.exe
description
Token: SeDebugPrivilege
pid
2388
process
43aa68d644e46c7b67071b2027c737f9_JaffaCakes118.exe