Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 08/09/2024, 11:47
Static task: static1
Behavioral task: behavioral1
Sample: d449ffb160cce42d210fbd141255f940_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d449ffb160cce42d210fbd141255f940_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d449ffb160cce42d210fbd141255f940_JaffaCakes118.exe
Size: 664KB
MD5: d449ffb160cce42d210fbd141255f940
SHA1: 9a6466ed30fd63e4d8b675e3d987cc409886dcc4
SHA256: 908777c45551f503ad61975c08af6f217821c0184d73984f655b3694cdd19d21
SHA512: a0d72d927aa2c293865a7c2a87dec50a40ee7bfa573effa8d6be3e2173dae682833fca3435c64d69e5a052130cc6b90b5da82289de3c4e6b47646cb495314835
SSDEEP: 12288:vR5ebofzseSc3bS6cJUqOWKXS5dNczcpQWN76i9Fd1q1sZxrvGMSTqQ:vGMfweSAMAK8q60XqovW
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: d449ffb160cce42d210fbd141255f940_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 3024
Process: d449ffb160cce42d210fbd141255f940_JaffaCakes118.exe