Overview

overview

3

Static

static

3

e22186d35c...18.exe

windows7-x64

1

e22186d35c...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    94s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/09/2024, 08:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e22186d35c8a2bbde5585a87b78fc9c2_JaffaCakes118.exe

  • Size

    161KB

  • MD5

    e22186d35c8a2bbde5585a87b78fc9c2

  • SHA1

    8dc8af71b8fd104e9a6acd6dbc831c95a3971a6c

  • SHA256

    fdf2bf75caba064115d42394cd20abba3d1e2b62786604305135a7c0283b9ea6

  • SHA512

    81a01656f41c4379b5799540935ad9f9bfeb75a58c9a8ca4444227c1c2d5c10119817fd52fe360453e475263df063465a02a3d97ecd7ea5398b58e26d038a06b

  • SSDEEP

    3072:YsJcIKohUyABz4QbJK6b5a+LHsmmx5H0ZOXm9mB4m7JoooyTiZ:YsSIK7Nd4OM6b1TsZPWOW9qNoooh

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e22186d35c8a2bbde5585a87b78fc9c2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e22186d35c8a2bbde5585a87b78fc9c2_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3344-0-0x00007FF9B34A5000-0x00007FF9B34A6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3344-1-0x000000001B9C0000-0x000000001BA66000-memory.dmp

    Filesize

    664KB

    Download

  • memory/3344-2-0x00007FF9B31F0000-0x00007FF9B3B91000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3344-4-0x000000001BF40000-0x000000001C40E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/3344-3-0x00007FF9B31F0000-0x00007FF9B3B91000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3344-5-0x000000001C520000-0x000000001C5BC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/3344-6-0x000000001B950000-0x000000001B958000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3344-7-0x000000001C680000-0x000000001C6CC000-memory.dmp

    Filesize

    304KB

    Download

  • memory/3344-9-0x00007FF9B31F0000-0x00007FF9B3B91000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3344-10-0x00007FF9B31F0000-0x00007FF9B3B91000-memory.dmp

    Filesize

    9.6MB

    Download