Overview

overview

3

Static

static

3

81eca4e657...18.exe

windows7-x64

3

81eca4e657...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01-08-2024 22:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81eca4e657bbb108c473ab83b2cf660e_JaffaCakes118.exe

  • Size

    760KB

  • MD5

    81eca4e657bbb108c473ab83b2cf660e

  • SHA1

    5bfbcc2f5a710ce9fa50b92d3f6a4c2d0a1c7c75

  • SHA256

    fb160c8fc175f6644e95dcb4f5a420d7b713854b6b7be0b4f89fd50bd5ba394e

  • SHA512

    14b6320f9c3de7e43aa788777bb0ea24ef17d9ec037e90d81fc3f187c984f86635b6d9de336896aca9b553de6a123e8e233ca1ac97a0fe68570d4793d54da8af

  • SSDEEP

    12288:abomwidnFbGo55OHMffbCx/64SQr69ryHnnbbqBGS+dcp9Y4M/MS08888888888J:VjidF95r3bCxyx98iBGS+dcp9tlSY

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\81eca4e657bbb108c473ab83b2cf660e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\81eca4e657bbb108c473ab83b2cf660e_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3016-0-0x0000000000400000-0x00000000004D7000-memory.dmp

    Filesize

    860KB

    Download

  • memory/3016-1-0x0000000000300000-0x0000000000301000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3016-2-0x0000000000400000-0x00000000004D7000-memory.dmp

    Filesize

    860KB

    Download