Overview

overview

3

Static

static

3

fcef964220...18.exe

windows7-x64

1

fcef964220...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240910-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-09-2024 18:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fcef964220bb6a4b5c4e2faa0bf0c05c_JaffaCakes118.exe

  • Size

    9KB

  • MD5

    fcef964220bb6a4b5c4e2faa0bf0c05c

  • SHA1

    d164aea9f998c9797ba809327f6cbc1cd33e0b71

  • SHA256

    964753b0a40f971af75375c1ec8b2421a66fe431f762e1543b35a34886b4c92f

  • SHA512

    d4411bfd3b275cfafd89f2e2821183bcfdc1b44e545ceb49b80f6e9700f5b6be307b9ec44cf5c507061d2469ee62e3cc472f94fd815d2a2af036925dfdf48631

  • SSDEEP

    192:DOhBksurzHNQi8eMZZ3w93VnjdwqzL3uT2FQ:DvHd8eMkFnhwqnu2F

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fcef964220bb6a4b5c4e2faa0bf0c05c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fcef964220bb6a4b5c4e2faa0bf0c05c_JaffaCakes118.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5036-1-0x00007FFC17FE0000-0x00007FFC1807D000-memory.dmp

    Filesize

    628KB

    Download

  • memory/5036-0-0x0000000000B70000-0x0000000000B78000-memory.dmp

    Filesize

    32KB

    Download

  • memory/5036-2-0x0000000001340000-0x0000000001352000-memory.dmp

    Filesize

    72KB

    Download

  • memory/5036-3-0x0000000002EA0000-0x0000000002EDC000-memory.dmp

    Filesize

    240KB

    Download