Analysis
max time kernel: 51s
max time network: 58s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-06-2024 07:35
Static task: static1
Behavioral task: behavioral1
Sample: a473c320f4526faa293f55a5dbf2a638_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: a473c320f4526faa293f55a5dbf2a638_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: a473c320f4526faa293f55a5dbf2a638_JaffaCakes118.exe
Size: 191KB
MD5: a473c320f4526faa293f55a5dbf2a638
SHA1: 72a26f0ba68e4478407ddfe0cd9c963ac4581462
SHA256: cb0da02521e07f7257ddd35e44595442b357971babf97a8bea2c0a5d4d6e1feb
SHA512: 54207c4f1464b67142897b359dc7e99a0706e675fe4ddf574c643ae5239c5e51a681d307d9c3c9473753e73ad2613f682f7bceb741e615b02fba88ecdb0e1bde
SSDEEP: 3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0dp:HAVySV1eY4k437d+4wkTHdS2B
Malware Config
Signatures
Checks computer location settings (2 TTPs, 1 IoCs)
Looks up country code configured in the registry, likely geofence.
description: Key value queried
ioc: \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation
Process: a473c320f4526faa293f55a5dbf2a638_JaffaCakes118.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 3948
Process: a473c320f4526faa293f55a5dbf2a638_JaffaCakes118.exe