Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-08-2024 21:35

General

  • Target

    81cf3d4c5d4a74352f29a030d60b5d36_JaffaCakes118.exe

  • Size

    633KB

  • MD5

    81cf3d4c5d4a74352f29a030d60b5d36

  • SHA1

    41072eb55d5a5624e68bf02647d58c807c307b2a

  • SHA256

    c2ef51a349f0cc15551fedaecbc0fd7f4beed321bf90e6572d25c7ad46f5c0c1

  • SHA512

    5d0c9fe931fe0c623f913d402941de02faa137f8c4e50668bcd5b2a2c7178eaf7b517128225b921f30589fc9d29f16d6c229e481018c544df2980ab8db695bc1

  • SSDEEP

    12288:NGo0iRnxOgwJ8W+S8pE7JYQ/Q3CaF7EwBCsrFBf3/ioLzHdB7htp2U:NGoxn/wJ8W+S8pqJYQMCaF7EwBNn3ao3

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81cf3d4c5d4a74352f29a030d60b5d36_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\81cf3d4c5d4a74352f29a030d60b5d36_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3068

Network

MITRE ATT&CK Enterprise v15

Downloads