Overview

overview

10

Static

static

10

bcdc123a63...18.exe

windows7-x64

1

bcdc123a63...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-08-2024 19:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bcdc123a636493f3fba1b5391b2c6e9b_JaffaCakes118.exe

  • Size

    487KB

  • MD5

    bcdc123a636493f3fba1b5391b2c6e9b

  • SHA1

    d146a54eb4597e9cbb6a0dddc0c2717fea18244e

  • SHA256

    3449bf3a4a172a755e60ca31b4790dc5a86c4d375c3601a4d3c88833c6c4f112

  • SHA512

    16e9ddf0b00964895aa90043b067b79ed6d196b6e6de1d7bf63accc9aed1e9963c34a9cfe17ad9ff5630823ba9d95d6cf083c56f5a0dee3931fc2cc8ad70671d

  • SSDEEP

    12288:vfPEccw1ao4H5WuIcsPVhKa+BsyeV4pmAItpCx:vfJ8X5dsPVhsfeV4IHI

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bcdc123a636493f3fba1b5391b2c6e9b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bcdc123a636493f3fba1b5391b2c6e9b_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of AdjustPrivilegeToken
    PID:4444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4444-0-0x00007FFC515F5000-0x00007FFC515F6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4444-1-0x00007FFC51340000-0x00007FFC51CE1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4444-2-0x00007FFC51340000-0x00007FFC51CE1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4444-3-0x000000001B950000-0x000000001BE1E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/4444-4-0x000000001BED0000-0x000000001BF76000-memory.dmp

    Filesize

    664KB

    Download

  • memory/4444-5-0x000000001C020000-0x000000001C0BC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4444-6-0x000000001B3B0000-0x000000001B3B8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4444-7-0x000000001C180000-0x000000001C1CC000-memory.dmp

    Filesize

    304KB

    Download

  • memory/4444-9-0x00007FFC51340000-0x00007FFC51CE1000-memory.dmp

    Filesize

    9.6MB

    Download