Analysis
-
max time kernel
140s -
max time network
125s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
11/08/2024, 03:27
General
-
Target
88d27e988e580bdcf6b1ae105d7c70ad_JaffaCakes118.exe
-
Size
801KB
-
MD5
88d27e988e580bdcf6b1ae105d7c70ad
-
SHA1
04e04a7de225197052539b215ca7155da00f1868
-
SHA256
93923d37763f7a86233a4db0e43130323d0eff7ac3f39553cfbc717d9e588b38
-
SHA512
50ae03b5322f466afe6c7ad2f0bab9db79efede2584e3e77a0d3f3aec26023777f8215251988d0bcced4263c479843692f74d83a7a803c1013a82a4fdc7155d7
-
SSDEEP
12288:+PqlDAbt2HGn1dlrRe0eBkjvKghJqmMIA4g+K7TVpSs8PWDsaYmBA4+f:+CrHGn1bYlkjv5hJ3MIAlxTHDg+sAS4m
Score
6/10
Malware Config
Signatures
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Internet Explorer settings 1 TTPs 4 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\88d27e988e580bdcf6b1ae105d7c70ad_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\88d27e988e580bdcf6b1ae105d7c70ad_JaffaCakes118.exe"1⤵
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx