Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
01-07-2024 07:48
General
-
Target
1a7df6ead561967345bd81bc38aa36f1_JaffaCakes118.exe
-
Size
2.9MB
-
MD5
1a7df6ead561967345bd81bc38aa36f1
-
SHA1
d1bf6ae452f5bd9bf04160d18f93506bd3fa4c7c
-
SHA256
9b1adeb3426adffb30e74cc877c20d29fba2e35515943bec62dafecf2b955736
-
SHA512
b4cb884de6c47577f84997eb9c21a64ac93b30c1534c88bdd71d2c1b36742322c4d6e7209b2ea8b867466dc024a79d54a362c9140d5b49dcf64f67bc56a677ab
-
SSDEEP
49152:blkJR0kxNrpU408hG2oKzbqO0Bz99UxEX8V72aExG4bNsWkn50a86tFX80oIKMxh:BkDtVF083mp59UxEsoxZqn50a86tFXQ4
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1a7df6ead561967345bd81bc38aa36f1_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\1a7df6ead561967345bd81bc38aa36f1_JaffaCakes118.exe"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\TMP0021.exeC:\Users\Admin\AppData\Local\TMP0021.exe pth:C:\Users\Admin\AppData\Local\Temp\1a7df6ead561967345bd81bc38aa36f1_JaffaCakes118.exe2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\TMP0021.exeFilesize
2.9MB
MD55e7d69669e385f1083001aa573511b57
SHA16584f7a3aea6c429640d70979d6dd2850c98f09b
SHA25626ce408a803c94a29f5621e2af577a72c6bd316747e89970b15234a22c579911
SHA512cefd04b5a0e052870596f7c07d1508fb1d0a94761d08a5983e4e9d32bcebc6d7fa6b5b94d4f21f7542c5a23a22aed47433722c3ed322c09bc46c9344392c57f7