Analysis
max time kernel: 96s
max time network: 98s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 19-09-2024 06:29
Static task: static1
Behavioral task: behavioral1
Sample: eac2d25f001fd85e856ab2fe7c69c44d_JaffaCakes118.js
Resource: win7-20240708-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: eac2d25f001fd85e856ab2fe7c69c44d_JaffaCakes118.js
Resource: win10v2004-20240802-en
1 signatures
150 seconds
General
Target: eac2d25f001fd85e856ab2fe7c69c44d_JaffaCakes118.js
Size: 58KB
MD5: eac2d25f001fd85e856ab2fe7c69c44d
SHA1: afb22c7519d94231fc171a2d18284d706b97524f
SHA256: a895b1021cb60fd4c7a7ecf0dc8138034d90855484b14c99e9c61ba62f2d5730
SHA512: b32563a3e63d993d482edcafeb6fa0b80f796a26c294b0fc34884afadda6451f516277d7769114f73622636c4bac7212ba9e5f83635ea15a63bbf0c6dd881964
SSDEEP: 768:1dafPM1CbG5hBlH15jEmBKmSHqf5qPfPrl38c4qNHk+dyNhk+dyNhk+dyNhk+dKa:MPMQrl38cNRb91b9awJAhrDr+3qK1Q3
Score: 3/10
Malware Config
Signatures
Command and Scripting Interpreter: JavaScript (1 TTPs)
Processes
Network