Analysis
-
max time kernel
137s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
19/08/2024, 18:33
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe
Resource
win7-20240708-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe
-
Size
978KB
-
MD5
ac1beb95a5c16fe069b47d1361799c17
-
SHA1
bd784d702b8f9ed0eb33c1156f03a6b85bf62e35
-
SHA256
1cd0fa3d3dbbe433906b16410b17f231428e1360ce41d3bfa1743a72a760d599
-
SHA512
7212291c09e7652f34198adb278c3ea6417a7732c8b1d891985fdb71db21e8925fb4216f06c4eb44e8d9e9989fc07501063b97d6e6369bdc051678da92044fc5
-
SSDEEP
768:tks+cAXJpB2TgpZnjJHk/OxJ+oFEZEM/4/:tjrAX5NjJHJ+oFE2M/4/
Score
6/10
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\VMIntel386 = "C:\\Windows\\Intelx386\\VMIntel386.exe 256mb 32bit" ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe -
Drops file in Windows directory 64 IoCs
description ioc Process File created C:\Windows\Intelx386\Follada brutal coño roto.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\RealOne Player (Full version).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Visual C.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Shinchan screen saver.scr ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\PSEmu.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Pedofilia pack 37 pics.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Dont Download.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\humor.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Pack sex very hot nude young girl porn erotic private pussy rape clitoris suck chicas fotos culos tetas coños mamadas corridas sister hermana amigas friends lesbianas mujeres desnudas putas guarras hentai.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\3D Movie Maker.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Fuck my fat ass.avi.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\GBAEmu.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Dont Touch.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Mazinkaiser pack fondos de escritorio.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Juegos JAVA para NOKIA.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\mugen (full).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Matrix Wallpapers.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\WinRar 4 (with crack).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Resident Evil for GameCube.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Capitulos ineditos de DragonBall Z jamas emitidos.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Pack Tonos y Logos para Nokia.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Silent Hill.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\WAV2MP3.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\WinAmp skings and plugins.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\FlashGet Max acceleration (Experimental).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\WinAce 3.85 (with Serial).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\MSN messenger 6.3.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Simpsons pack guiones (Temporada 2004).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Nero 7.5.1.0 (cracked!).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Pack Photoshop CS 8 plugins.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Hentai Evangelion Poker.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Winamp 3 (full version).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\ContaWin 2000 (full version).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Pack 25 Juegos GameCube.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\German extreme violation.mpg.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Hentai Shizuka clit.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\a pelo.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Solo para Maricas.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\No lo Descargues.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\BsPlayer v3.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\3D Studio R8 (It's Work!!).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Hacha Profesional Edition.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Lolita Pack 20 Pics.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Chenoa en cueros.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Winamp 5.0 (full version).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Update Photoshop 8.0 to Photoshop 9.5 (It´s Work!).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Mazinkaiser comics pack.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Pack 50 Juegos PS2.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Visual Basic 6.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Hentai.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Update Photoshop 7.0 to Photoshop 9.16 (It´s Work!).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\DivX 7.2 freeware.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Download Accelerator Plus (DAP) (full version with serial).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Puta come mierda.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\VMIntel386.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\WinZip 9.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Visual Studio (full).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Sexo con una menor.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\WinRar v6.11 (with crack).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\RM2GBA.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\VirtualDub 2.1.4.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Terminator 3 Wallpapers.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\Winamp 3.5 (full version).exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe File created C:\Windows\Intelx386\GameCube Emulator.exe ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\ac1beb95a5c16fe069b47d1361799c17_JaffaCakes118.exe"1⤵
- Adds Run key to start application
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
PID:4540
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.7MB
MD58e1ec8d3dab75d64fff560f1badfe881
SHA1d4002361e645430d874fe93224b35d09166cc08a
SHA256d75550ff327e06b379cd7763ced23cc345fb2065e959911b6015385e941fa57c
SHA51298aedc1595a92226cb2be1f3ae4c14104cd570c38e76a3ae90f023c9e8a52fdd98085c5aa40af750a49380db2b4ce2a3ad3fd4ee3446ba2448c64a6e37e81b4b