Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
02/06/2024, 04:57
Static task
static1
Behavioral task
behavioral1
Sample
8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe
Resource
win10v2004-20240426-en
General
-
Target
8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe
-
Size
191KB
-
MD5
8cf3264a085aaee3dbaf911e7f9bf14d
-
SHA1
f78cfe979e7e047a77ef5c4fad1458b40e4e9518
-
SHA256
22e37a9387c797c6d66a24c95cc4fe0d79c2074a777c336a48e0880fb2f69e64
-
SHA512
4a8b8053eaae478f939c23270948771bee756f21facdd7398e6334ed04688075c9d515382f76983373ffb604218ffe9678b150b7661be0519f161113cb4126f2
-
SSDEEP
3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0dM:HAVySV1eY4k437d+4wkTHdS2aJ
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-3571316656-3665257725-2415531812-1000\Control Panel\International\Geo\Nation 8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 4748 8cf3264a085aaee3dbaf911e7f9bf14d_JaffaCakes118.exe