Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    02/06/2024, 04:57

General

  • Target

    8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    8cf3264a085aaee3dbaf911e7f9bf14d

  • SHA1

    f78cfe979e7e047a77ef5c4fad1458b40e4e9518

  • SHA256

    22e37a9387c797c6d66a24c95cc4fe0d79c2074a777c336a48e0880fb2f69e64

  • SHA512

    4a8b8053eaae478f939c23270948771bee756f21facdd7398e6334ed04688075c9d515382f76983373ffb604218ffe9678b150b7661be0519f161113cb4126f2

  • SSDEEP

    3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0dM:HAVySV1eY4k437d+4wkTHdS2aJ

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe"
    • Checks computer location settings
    • Suspicious use of SetWindowsHookEx
    PID:4748

Network

        MITRE ATT&CK Enterprise v15
