Overview

overview

10

Static

static

1

dc92098fed...118.js

windows7-x64

10

dc92098fed...118.js

windows10-2004-x64

10

Analysis

  • max time kernel
    125s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-09-2024 16:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc92098fed3f3bd811855c23d7590259_JaffaCakes118.js

  • Size

    19KB

  • MD5

    dc92098fed3f3bd811855c23d7590259

  • SHA1

    91e47896c6e48bc49173ae16fcb5e7d00f4aa91b

  • SHA256

    9471fe7cdfa2a3bdb4e6cb98b1a54ffa45c059db47a4b3b0875b04f9fb967652

  • SHA512

    2964adb2b05eaaa0ab114e749b24da3123b662a163072bedee8462d6466c65eda46fe8f8327ca66f7cde9cc9f1820ab99f0c8328b2d3cecfef63b51e5917809f

  • SSDEEP

    384:cAyFOFwVfmTQ86AHpFh0h4xdeD3Ie9X760vFbQUK3XnE/4ZrKG72WEg:cT8F3TQZAHFa4xU3VLaHtZrKG7BEg

Score
10/10
metasploitbackdoorexecutiontrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://azurlink.net:443/tempur-pedic/tempur-ergo-adjustable-base/mfi134086.html

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\dc92098fed3f3bd811855c23d7590259_JaffaCakes118.js
    1⤵
      PID:5032
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4404,i,1330210614411927383,9239043499051775691,262144 --variations-seed-version --mojo-platform-channel-handle=4444 /prefetch:8
      1⤵
        PID:3956

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/5032-0-0x00007FFCBA6E3000-0x00007FFCBA6E5000-memory.dmp

        Filesize

        8KB

        Download

      • memory/5032-1-0x00007FFCBA6E0000-0x00007FFCBB1A1000-memory.dmp

        Filesize

        10.8MB

        Download

      • memory/5032-2-0x0000022143E50000-0x0000022143FCE000-memory.dmp

        Filesize

        1.5MB

        Download

      • memory/5032-3-0x0000022144500000-0x0000022144A28000-memory.dmp

        Filesize

        5.2MB

        Download

      • memory/5032-4-0x000002212A5B0000-0x000002212A5B8000-memory.dmp

        Filesize

        32KB

        Download

      • memory/5032-5-0x000002212A5D0000-0x000002212A5D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/5032-8-0x00007FFCBA6E0000-0x00007FFCBB1A1000-memory.dmp

        Filesize

        10.8MB

        Download