Analysis
-
max time kernel
94s -
max time network
125s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
06/09/2024, 12:09
General
-
Target
cf7f2f27e9e9336762cf0c01661a272d_JaffaCakes118.exe
-
Size
634KB
-
MD5
cf7f2f27e9e9336762cf0c01661a272d
-
SHA1
dd29b7f9330ce022419b1b58cc080a7aea46e611
-
SHA256
dedf604bd1115c34b97207cc13deff2af2f3e5c6d3f7671b01a49a15c01bba93
-
SHA512
4d22a1e0f6ba7a52d1668e6510452106c40874d4d788c8da2a08ca9bbd731fe25b90a0f3839378939605d6fbdb355df6bb3cee18bdb94fd5387b0c96f5a896d9
-
SSDEEP
12288:3HrYgISqVVRuRry6u3u7JYWFzmXTkcZ2+9pVBkL8PbtJfEJprS:3HrLIZVRuVy6u3gJYU6TkcZ2+9WL8Pbf
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cf7f2f27e9e9336762cf0c01661a272d_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\cf7f2f27e9e9336762cf0c01661a272d_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx