Analysis
max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 26/07/2024, 15:22
Behavioral task
behavioral1
Sample: 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe
Resource: win7-20240708-en
2 signatures
150 seconds
General
Target: 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe
Size: 139KB
MD5: 749b45b47e09e1daeb8bfd394d052f55
SHA1: 42715805acbf240dbd4299d0635dccab84e4ee9b
SHA256: b9dec98f8d3465176d35b5d6b74dedce0fe7b269924bbea8a10875e231d88ffc
SHA512: 08bc60335b356675b328051525bf3408451e7df450453d33fff1bd96aa749f36ffb59409a4f067925ee2fc816a77ac99fc177704912ae8d09f1bba47a4b9f1e7
SSDEEP: 3072:57ALeYPiFfs8qr+Nw7h+Feu4g8qbACPAKJr43MIRro47u:5bs8qVTohAM1l3Iic
Score: 3/10
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe
Suspicious use of AdjustPrivilegeToken (4 IoCs)
description | pid | Process
Token: SeBackupPrivilege | 2536 | 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe
Token: SeRestorePrivilege | 2536 | 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe
Token: SeBackupPrivilege | 2536 | 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe
Token: SeRestorePrivilege | 2536 | 749b45b47e09e1daeb8bfd394d052f55_JaffaCakes118.exe