Overview

overview

3

Static

static

3

a800a748bb...18.exe

windows7-x64

1

a800a748bb...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 19:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a800a748bb975a2fc7b9f795acaa2ee8_JaffaCakes118.exe

  • Size

    730KB

  • MD5

    a800a748bb975a2fc7b9f795acaa2ee8

  • SHA1

    d8f31e88911ddf491c6f215a43527e56dadf9880

  • SHA256

    0ccfe4ae70189bb4e8756ab9dcb3823346aeef644c9d062a242f66a23ddcac8a

  • SHA512

    1854f2b91f3d29a69529c79027f2d70e83328bbec010b029153572b152d760a181352ffe6807b720395562e12187ff89e7324c5d79c0a0f6894ad8bd4f4b17e2

  • SSDEEP

    12288:r2yeroqd2h4hyTvHU1rMwpzd+72KC/kbtlcLB0oqCi1LZUKmUp2K+D2B8+Sfw6vO:CfI5vHU1rtpBFKzKB0oqp1LZhp2tD2Br

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a800a748bb975a2fc7b9f795acaa2ee8_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a800a748bb975a2fc7b9f795acaa2ee8_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2240

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2240-0-0x000007FEF5F0E000-0x000007FEF5F0F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2240-1-0x000007FEF5C50000-0x000007FEF65ED000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2240-4-0x0000000000580000-0x0000000000590000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2240-3-0x0000000000570000-0x0000000000584000-memory.dmp

          Filesize

          80KB

          Download

        • memory/2240-2-0x000007FEF5C50000-0x000007FEF65ED000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2240-5-0x00000000004D0000-0x00000000004DE000-memory.dmp

          Filesize

          56KB

          Download

        • memory/2240-6-0x000007FEF5C50000-0x000007FEF65ED000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/2240-7-0x000007FEF5C50000-0x000007FEF65ED000-memory.dmp

          Filesize

          9.6MB

          Download