Overview

overview

3

Static

static

3

a800a748bb...18.exe

windows7-x64

1

a800a748bb...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-08-2024 19:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a800a748bb975a2fc7b9f795acaa2ee8_JaffaCakes118.exe

  • Size

    730KB

  • MD5

    a800a748bb975a2fc7b9f795acaa2ee8

  • SHA1

    d8f31e88911ddf491c6f215a43527e56dadf9880

  • SHA256

    0ccfe4ae70189bb4e8756ab9dcb3823346aeef644c9d062a242f66a23ddcac8a

  • SHA512

    1854f2b91f3d29a69529c79027f2d70e83328bbec010b029153572b152d760a181352ffe6807b720395562e12187ff89e7324c5d79c0a0f6894ad8bd4f4b17e2

  • SSDEEP

    12288:r2yeroqd2h4hyTvHU1rMwpzd+72KC/kbtlcLB0oqCi1LZUKmUp2K+D2B8+Sfw6vO:CfI5vHU1rtpBFKzKB0oqp1LZhp2tD2Br

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a800a748bb975a2fc7b9f795acaa2ee8_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a800a748bb975a2fc7b9f795acaa2ee8_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4800-0-0x00007FF99E805000-0x00007FF99E806000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4800-1-0x000000001B540000-0x000000001B5E6000-memory.dmp

    Filesize

    664KB

    Download

  • memory/4800-2-0x00007FF99E550000-0x00007FF99EEF1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4800-3-0x00007FF99E550000-0x00007FF99EEF1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4800-4-0x0000000000CE0000-0x0000000000CF4000-memory.dmp

    Filesize

    80KB

    Download

  • memory/4800-5-0x0000000000AC0000-0x0000000000AD0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4800-6-0x0000000000E40000-0x0000000000E4E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4800-7-0x000000001C550000-0x000000001CA1E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/4800-8-0x000000001BAA0000-0x000000001BB3C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4800-9-0x0000000000E30000-0x0000000000E38000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4800-10-0x000000001BF60000-0x000000001BFAC000-memory.dmp

    Filesize

    304KB

    Download

  • memory/4800-11-0x00007FF99E550000-0x00007FF99EEF1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4800-13-0x00007FF99E550000-0x00007FF99EEF1000-memory.dmp

    Filesize

    9.6MB

    Download