Analysis
-
max time kernel
132s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
17/08/2024, 19:33
General
-
Target
a3d91dfe08bbde277f73eb28edc1aff6_JaffaCakes118.dll
-
Size
80KB
-
MD5
a3d91dfe08bbde277f73eb28edc1aff6
-
SHA1
df37dad1aab53263ef12ddb86f8699f662f21453
-
SHA256
d2e054e015e016f0d95a8e812901383699315bf16b9d78782a2db63171a1ac14
-
SHA512
5e719c04e0ac9e54de516f31155b99c7f99fb8e0f052beb8235f7eed7c9e3dfe67ed33dede5df156191f9fee7175566cac75f9465cead4853c32e0abfcc79de4
-
SSDEEP
768:1E2S53h/ouxnaWhw/IbRnxI+fTAefToi/pwcyEKoGB2iB94ZUXu21bYoFqy8qLmc:18aW6/kxNfT9/0EEm17oF7B
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a3d91dfe08bbde277f73eb28edc1aff6_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a3d91dfe08bbde277f73eb28edc1aff6_JaffaCakes118.dll,#12⤵
- System Location Discovery: System Language Discovery
-