Overview

overview

8

Static

static

3

8bde965790...18.exe

windows7-x64

8

8bde965790...18.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    12s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 20:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8bde9657904e53a55456da64632ea3dc_JaffaCakes118.exe

  • Size

    80KB

  • MD5

    8bde9657904e53a55456da64632ea3dc

  • SHA1

    2cbc04b8f49a63f6ae004b1eeac330af8ac9f387

  • SHA256

    faace8e80bae3ffb1e5ded9299855ae7d1009c4a5d72d4b95b3fdec708b70ce2

  • SHA512

    6e8f2d70b0057c0e9c7b1df5cad4a35e058d38ace104e7362d312ca582980f6e2248e3c43d58aa3b2d897fa76665b80423cd379d19b1e777a063cd88a5e781a1

  • SSDEEP

    768:HBtV48J1ywLkcn7voD0zzA2pYUW9BccYpms2My2rOndkzVzccVjGkGdB8XiHiTjZ:HSxNcRZckmVMywOwJOo5TWN//LuFOKl

Score
8/10
persistenceprivilege_escalation

Malware Config

Signatures

  • Event Triggered Execution: AppInit DLLs 1 TTPs

    Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    persistenceprivilege_escalation
  • Drops file in System32 directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8bde9657904e53a55456da64632ea3dc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\8bde9657904e53a55456da64632ea3dc_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    PID:1848

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1848-1-0x0000000000400000-0x000000000041C000-memory.dmp

          Filesize

          112KB

          Download