Analysis
-
max time kernel
141s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system -
submitted
18/08/2024, 14:59
Behavioral task
behavioral1
Sample
a71a73e16592ae3002f1b66357dc7985_JaffaCakes118.exe
Resource
win7-20240729-en
General
-
Target
a71a73e16592ae3002f1b66357dc7985_JaffaCakes118.exe
-
Size
18KB
-
MD5
a71a73e16592ae3002f1b66357dc7985
-
SHA1
c32432bdbe34bfb7e00fdccf76b879bac47b21fc
-
SHA256
982171b4e8467d0a40354617293b361f3dad719b47f50e8fe1311c49f6384250
-
SHA512
a0af1b2b8e8bb98ee70e2e60c56a565e6245cf84b971db97a58c6e4ecb5c4893b96a73b7fabe7163d100f40f4e614317e1aaa880646e3730fcefad7c9542eadc
-
SSDEEP
384:R36z+lbn2ztxKQrv6WZVYxSps2BjtCzijqJEdi5N8M3:R3e+lbn2/7b3OSq2BjtCzMq3oM3
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid Process
528 a71a73e16592ae3002f1b66357dc7985_JaffaCakes118.exe
-
resource yara_rule
behavioral1/memory/528-0-0x0000000000400000-0x0000000000413000-memory.dmp upx
behavioral1/memory/528-8-0x0000000000400000-0x0000000000413000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language a71a73e16592ae3002f1b66357dc7985_JaffaCakes118.exe
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process
528 a71a73e16592ae3002f1b66357dc7985_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
13KB
MD5
93894480064296aa2d0cad4679e1ca9f
SHA1
57761014354ee8d74968bfecfddf990706040ee7
SHA256
89fe09925a664ed7bd60a909f409c79c360548c116d7b5748ef937126253d62d
SHA512
b680ab12ef1db4bafb83473785a75d171d96d9694ad10112efed06663eef40c2c10253921f9c14d8ce8482002231652ea829678050205d56a760b430efc82a09