Overview

overview

10

Static

static

10

9254b772e0...18.exe

windows7-x64

6

9254b772e0...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    94s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-11-2024 03:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9254b772e035e4f08ae2c9c0d0453cf3_JaffaCakes118.exe

  • Size

    24KB

  • MD5

    9254b772e035e4f08ae2c9c0d0453cf3

  • SHA1

    34e8c8649072411ad40d95c6d10f3e9e5cbca68d

  • SHA256

    c366d4aaac34ea0cb14c1ab8fd2f55e0bf328001afd258aae4686935205649e5

  • SHA512

    85b3d98e8e1004c0d414f642f1fa4a1c7872be4831d06a550379fcccbe4ba97cd0deb6eb23e874000b4121f0ef83cb8f1c379f975442bff8154625b90e41a180

  • SSDEEP

    192:F5rAjPzOpqUg7oGtlCjM8T4MDemMVGpwHVzoitfcw:F5rAnAELbCDTGFu6toi9cw

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9254b772e035e4f08ae2c9c0d0453cf3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\9254b772e035e4f08ae2c9c0d0453cf3_JaffaCakes118.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2004-0-0x00007FFDE16B5000-0x00007FFDE16B6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2004-1-0x000000001B8F0000-0x000000001BDBE000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2004-2-0x00007FFDE1400000-0x00007FFDE1DA1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2004-3-0x000000001BDC0000-0x000000001BE66000-memory.dmp

    Filesize

    664KB

    Download

  • memory/2004-4-0x000000001BEE0000-0x000000001BF42000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2004-5-0x00007FFDE1400000-0x00007FFDE1DA1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2004-6-0x00007FFDE16B5000-0x00007FFDE16B6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2004-7-0x00007FFDE1400000-0x00007FFDE1DA1000-memory.dmp

    Filesize

    9.6MB

    Download