Analysis
-
max time kernel
147s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
21-08-2024 12:55
General
-
Target
b3894a0e56030affd0fd7100d34c8e8e_JaffaCakes118.exe
-
Size
616KB
-
MD5
b3894a0e56030affd0fd7100d34c8e8e
-
SHA1
22d545a0a110efb370df530c89288db28ef59fce
-
SHA256
bcecbe8dc0770ab77642260f14e0a9439cde194319d5b32706f10e717515785e
-
SHA512
b8bd9444c4aea734a4f7a8e41161cffc65980d5fc29d9121ae077257b5358b588426280b20d675819a29831e564d8f91610f11df0f4661aff4ced4322302273a
-
SSDEEP
12288:yG8lk31cYYFgEIA9/8eO7JYULIGdcSuyNiPiA9CmrYyMMQorpzp:yGak31/YFgEIA9/dAJYUzcSuyNE19Cmx
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b3894a0e56030affd0fd7100d34c8e8e_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\b3894a0e56030affd0fd7100d34c8e8e_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
41KB
MD54022f79a9e9274d531d4359ccb389ae4
SHA1448b004047553c46defd2faab8514ca8bf807685
SHA25639c61f9ee1001931fbc53917d7a722ec5917f4ec537642a06e2a13f0f6436087
SHA5121f75782e78136964c06a0e4a8d0567e1e37ff2bb77c4a0ce8fe41c20863ad2a57673fdf3cbff6202a4e1cf48a40edb0a274be1c19257433eb7d695d3655ce4f8