Analysis

  • max time kernel
    141s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23-08-2024 14:38

General

  • Target

    bc256205ca6b53454e4fc0b84749f820_JaffaCakes118.exe

  • Size

    222KB

  • MD5

    bc256205ca6b53454e4fc0b84749f820

  • SHA1

    3854f2dd3c5b22235b4af311f77c304980a1f18c

  • SHA256

    09ba5b05039360fc6b4a9521ca1c2297035bd59e36fbad6ec477154d7d036e47

  • SHA512

    702fac9a61518e29602cdd5b00d09c2075b227b0a98eca858a426a7da2f2ae5c8e714656a570f84e7929c906f5904f1cd1bbe7d1b19b819093b62e91d711b9c8

  • SSDEEP

    6144:lijYe4VGbYuIo0B+38uLylGpTdNRU2JCK:lw4Vrno1pa2MK

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\bc256205ca6b53454e4fc0b84749f820_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bc256205ca6b53454e4fc0b84749f820_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    PID:3920

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3920-0-0x0000000000400000-0x0000000000421000-memory.dmp

    Filesize

    132KB