Analysis

  • max time kernel
    141s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    17-08-2024 22:01

General

  • Target

    a44f31ff57ca53fc53ebb1c4fe990da7_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    a44f31ff57ca53fc53ebb1c4fe990da7

  • SHA1

    cec309dbbed35538e09d1ace04064d173e517bdd

  • SHA256

    dbeeb8c7b6a1ed08b817a1adceb209565ac8b0c44a042dd2c664fe37f5e75a4f

  • SHA512

    a8fc05d37f2543ca71ac4c4b502c7d9e680d72cc2616c553cb3ce51cb2924a806d5905bba94d5b1da3a002ffec07d46c89279b06bbc1d93355d30be29c548201

  • SSDEEP

    3072:FjG4pPhLI1zwLv/2IfwNeginrIttt76Vt17UiHM:JG0PhLI1zHIjginrmf6Vt1ga

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\a44f31ff57ca53fc53ebb1c4fe990da7_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a44f31ff57ca53fc53ebb1c4fe990da7_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4868

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/4868-0-0x0000000000400000-0x0000000000589000-memory.dmp

    Filesize

    1.5MB

  • memory/4868-1-0x0000000000400000-0x0000000000589000-memory.dmp

    Filesize

    1.5MB