Overview

overview

3

Static

static

3

a789982107...18.exe

windows7-x64

1

a789982107...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    18-08-2024 17:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a789982107d120cbe8356ec56911275d_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    a789982107d120cbe8356ec56911275d

  • SHA1

    3d8bdd5b2843eb2d067f20093b95692487efbe19

  • SHA256

    b06509e18f0c62e9be04877142634cae9fe3a116d484a661a6a9a29af45d40b8

  • SHA512

    301362b3ca6c6a37f25f8eea43a06579789ab9fe175c30cf38ea5c5b02e12c4ed06bad7377f302d5486e4af82ea8c7d1911c45d0e51d8c9db689c11180f63aa2

  • SSDEEP

    24576:BuZGW+wsDaQw6DDz3qRyPnmGfrnvVUKueY8RmneWtJyW8wndPe:BuZGasY6DwOBfrnvV7UeWtQW8J

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a789982107d120cbe8356ec56911275d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a789982107d120cbe8356ec56911275d_JaffaCakes118.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1496-0-0x000007FEF631E000-0x000007FEF631F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1496-1-0x000007FEF6060000-0x000007FEF69FD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1496-2-0x000007FEF6060000-0x000007FEF69FD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1496-10-0x000007FEF6060000-0x000007FEF69FD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1496-11-0x000007FEF6060000-0x000007FEF69FD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1496-12-0x000007FEF631E000-0x000007FEF631F000-memory.dmp

    Filesize

    4KB

    Download