Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/10/2024, 12:30

General

  • Target

    0aac3f99ed488b5da3e4231b329292f0_JaffaCakes118.exe

  • Size

    619KB

  • MD5

    0aac3f99ed488b5da3e4231b329292f0

  • SHA1

    e67be9ed8a65315b3ddb284745f3729730c5af53

  • SHA256

    36f5a1de5abd4ae747763209005c0538df48cb0d1cbf010da9547bab66c0cf43

  • SHA512

    9445d90a419f380294961b43de67870717716fe260d60bdfa1252544161097ec72229ea7d559bd0605762be3d3eddf24b5864a5e9e191db5f97a29b673f242cb

  • SSDEEP

    12288:eTY26CMvOSfcWmQuOB5G8QJRvuI801FtZHgxf/4CDfm:YTQuEmJR2HQF2f/4CDe

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0aac3f99ed488b5da3e4231b329292f0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0aac3f99ed488b5da3e4231b329292f0_JaffaCakes118.exe"
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2568

Network

MITRE ATT&CK Matrix
