Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20241010-en
- resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
- submitted: 03/11/2024, 04:41
Static task
static1
Behavioral task
behavioral1
Sample
89af55189cb96821af3776895f599677_JaffaCakes118.zip
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
89af55189cb96821af3776895f599677_JaffaCakes118.zip
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
bootstrap.js
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
bootstrap.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
content/bg.js
Resource
win7-20241010-en
Behavioral task
behavioral6
Sample
content/bg.js
Resource
win10v2004-20241007-en
General
-
Target
89af55189cb96821af3776895f599677_JaffaCakes118.zip
-
Size
13KB
-
MD5
89af55189cb96821af3776895f599677
-
SHA1
0fe7cc45e37654f6835662d5f0db09cbc94d7928
-
SHA256
417ae564339c3fbdf0282ab6aec2fb2b20de5259f6070d897a66542d4875fdf1
-
SHA512
5b3c0e3529390e09bcd9cc8f40430ed12c74fab6df5f2cbf8a419ea8103b8925572be28c837f05a39e7a1dee533b805dcfa83c754c326b32949fe1fb4a7c8179
-
SSDEEP
192:IU8UzKNnw7zDsro3v40Cqwb235UsZkJn7ERhzMMMaVqkYTyac7vRgt:oUzKNw7zDs8vj5Uu1ZkJ4Pz7MaTyyBTK
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2620  7zFM.exe
- Suspicious use of AdjustPrivilegeToken (2 IoCs)
  description                 pid   Process
  Token: SeRestorePrivilege   2620  7zFM.exe
  Token: 35                   2620  7zFM.exe
- Suspicious use of FindShellTrayWindow (1 IoCs)
  pid   Process
  2620  7zFM.exe