Overview

overview

7

Static

static

7

c25196b481...18.exe

windows7-x64

3

c25196b481...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2024 04:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c25196b48116bf9a16ec65ccbe3dd20e_JaffaCakes118.exe

  • Size

    509KB

  • MD5

    c25196b48116bf9a16ec65ccbe3dd20e

  • SHA1

    0c2c0d5c4f79b21969e3ff1e77bede1ba9cfc65b

  • SHA256

    444d2fe48f0c02b312e33d42e32968ebd1519b5e553c217d96b82a4ac07ef559

  • SHA512

    98050dea31d16ada73660245b154a0619a00c48e3edf5051ce9cbe02a2ea4e8de322d12d3be12678f56a0d0191e01ad650fc68a4fa812b4723411285dfc99452

  • SSDEEP

    12288:Ue5M3LcGo7UnRdgLjanu4v8Ic+lzQ+53hquuuuuuuuuuuuuuuuuuuuuuuuuuuuuf:Ub3LcbUnoynd9Bf5ouuuuuuuuuuuuuuU

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\c25196b48116bf9a16ec65ccbe3dd20e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\c25196b48116bf9a16ec65ccbe3dd20e_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1656-0-0x0000000000400000-0x000000000059A000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1656-1-0x0000000000400000-0x000000000059A000-memory.dmp

    Filesize

    1.6MB

    Download