Resubmissions

29/09/2024, 18:05 UTC

240929-wpen7sthpk 3

29/09/2024, 18:02 UTC

240929-wmqzfsxgng 3

29/09/2024, 18:02 UTC

240929-wmjkdathkj 3

Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    29/09/2024, 18:02 UTC

General

  • Target

    ff13edea211a7d72d6efadd73da26370_JaffaCakes118.js

  • Size

    11KB

  • MD5

    ff13edea211a7d72d6efadd73da26370

  • SHA1

    5fe79c04b262139194f885197a1b1b20d17aac59

  • SHA256

    955e2ddbc2637db5af66f920c20765b675c8d2c5bd874be99cc77a07cd15ae5e

  • SHA512

    0d929d2b4e8d8e54720b1a69268d5172a6dd6d3d0f5a5a1b4c266c1e3213c45414e9ee97a2c346d8c3c0eb1215a43c445df7c805c88dcd5c4e0c80fd2e46d25b

  • SSDEEP

    192:fdfNU0t4+E+d6bERcUy2KrPMucEgaUc0NpyTjkOgUu3hRgHmtgqB1gEjhvGO+SPc:LBsUy2mkDEg3N6jkOg3ngGtgs1gOhPPc

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\ff13edea211a7d72d6efadd73da26370_JaffaCakes118.js
    1⤵
      PID:4944

    Network

    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      88.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.210.23.2.in-addr.arpa
      IN PTR
      Response
      88.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-88.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      88.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.210.23.2.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      88.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.210.23.2.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      76.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      76.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      76.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      76.32.126.40.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      26.165.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.165.165.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      28.118.140.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      28.118.140.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      98.209.201.84.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      98.209.201.84.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      14.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      83.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      83.210.23.2.in-addr.arpa
      IN PTR
      Response
      83.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-83.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      8.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.173.189.20.in-addr.arpa
      IN PTR
      Response

    MITRE ATT&CK Enterprise v15
