Analysis
-
max time kernel
144s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system -
submitted
09-09-2024 16:19
Static task
static1
Behavioral task
behavioral1
Sample
d6ae3099e6f4df5249e88f8660992bbb_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d6ae3099e6f4df5249e88f8660992bbb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d6ae3099e6f4df5249e88f8660992bbb_JaffaCakes118.exe
-
Size
40KB
-
MD5
d6ae3099e6f4df5249e88f8660992bbb
-
SHA1
aa66b3a0c342fd496e0ffd775885f5dcda263613
-
SHA256
b575a1a744fb2006509944659100f58c12b6cbe5653041c0e53e2fed85b33a9e
-
SHA512
af41b6f497c92ddd2fee45bd9af895e858f612a0c86d19371967217ea5ce4d2a6b8dcaa29523037110f23d917160d8cf201e7cdf50be923467bb6f450f99af92
-
SSDEEP
384:VV33cXHCzHRM8NJP1biP2iGh+RJWV33cXHCzHb:n3oHCzHq4Nb0vGhAi3oHCzHb
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language d6ae3099e6f4df5249e88f8660992bbb_JaffaCakes118.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 2480 d6ae3099e6f4df5249e88f8660992bbb_JaffaCakes118.exe