Analysis

  • max time kernel
    133s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-08-2024 02:11

General

  • Target

    bfe47d8eb20603bda38adebf15858345_JaffaCakes118.exe

  • Size

    16KB

  • MD5

    bfe47d8eb20603bda38adebf15858345

  • SHA1

    2a5600e3aa093f935b5e0ee2a48f6d5e285d36dd

  • SHA256

    ecb76340fda4eb0ae12314c867a55cc098ceaac1a8053496efe3aa0b759c085c

  • SHA512

    32252a920bebcb8308383928555ad79fee0ac4b864ce476f283a2a3c5ac6d9ea334905fb1581a57c9fda273ecbbda29f4c84a01e5f6b660b0df926d4b9e04201

  • SSDEEP

    192:Sg6gm1XF88ulrK3yKAC9tR6Xy0bQ91URO:Sg6bXK6YC9r6Xa1URO

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bfe47d8eb20603bda38adebf15858345_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bfe47d8eb20603bda38adebf15858345_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:688

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/688-0-0x0000000000400000-0x0000000000405000-memory.dmp

    Filesize

    20KB

  • memory/688-3-0x0000000000400000-0x0000000000405000-memory.dmp

    Filesize

    20KB