Overview

overview

10

Static

static

3

JaffaCakes...d5.zip

windows7-x64

3

JaffaCakes...d5.zip

windows10-2004-x64

1

DHL __.pdf(5).exe

windows7-x64

10

DHL __.pdf(5).exe

windows10-2004-x64

10

Resubmissions

14-01-2025 05:40

250114-gc3syaykcv 10

14-01-2025 05:39

250114-gcgwgazqek 3

30-12-2024 20:05

241230-ytyc8ayqgy 10

Analysis

  • max time kernel
    435s
  • max time network
    437s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    14-01-2025 05:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_e620368c0e4424f2207bd1b045c72af6a45ab9f70cb904a9b87eb098150203d5.zip

  • Size

    262KB

  • MD5

    c0500cafe34e3f5b730e2f35c8ac577f

  • SHA1

    799b4b1d203c96cd37165778deda320b6ad56bc6

  • SHA256

    e620368c0e4424f2207bd1b045c72af6a45ab9f70cb904a9b87eb098150203d5

  • SHA512

    67d250745cf2cfdc8540a29c2d4aa193794f0d1f5e9026162b60a47b0cd0477a25ae11d381099be7e5060d37fb9f9e82ee7d9e084eb8e30eba1552589b5cc477

  • SSDEEP

    6144:h6TIBWFI68ccfbUHbd0WEE6NSH3qgFPZcPkcfFLq:h6L78cjHOWve2qgYrFLq

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_e620368c0e4424f2207bd1b045c72af6a45ab9f70cb904a9b87eb098150203d5.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads