Overview

overview

3

Static

static

3

baf244c1fd...18.exe

windows7-x64

1

baf244c1fd...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/08/2024, 08:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    baf244c1fd90dc13701147e47c65b9aa_JaffaCakes118.exe

  • Size

    30KB

  • MD5

    baf244c1fd90dc13701147e47c65b9aa

  • SHA1

    7d088142e0f674b31274d2e8f6d608e7c1cb5b98

  • SHA256

    9f52ffc97c988b779fc2aee3885403c1a899a0f871c01e1016a3063e44633935

  • SHA512

    fe2fd948632c8d5fa8d328cdfa7fc50fa49e2d5d92e4a635f077c85aca4c0945e41a2c53ab05e399300f0f58a7f7a64d2c2a5f124566c910ac92636cccd0ba5c

  • SSDEEP

    192:1BXjWCrxI6Fg9VpUMkcHtUajfUpf4KF5/sESGQ:1BzWUxPFg9HnxtUajfKb+GQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\baf244c1fd90dc13701147e47c65b9aa_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\baf244c1fd90dc13701147e47c65b9aa_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1748
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4372,i,3239535018877284530,3457823197501312703,262144 --variations-seed-version --mojo-platform-channel-handle=1036 /prefetch:8
    1⤵
      PID:4680

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1748-0-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-1-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-2-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-3-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-4-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-5-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-6-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-7-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-8-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-9-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-10-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-11-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-12-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download

    • memory/1748-13-0x0000000000130000-0x0000000000137A80-memory.dmp

      Filesize

      30KB

      Download