Analysis
-
max time kernel
93s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
11-09-2024 11:58
General
-
Target
da4cc7857119f58f14ebad6849c905ad_JaffaCakes118.exe
-
Size
17.5MB
-
MD5
da4cc7857119f58f14ebad6849c905ad
-
SHA1
f3a113ec3ca63d9c042abe7e65e9fa1e831c4bcd
-
SHA256
bd75ae822853ffcc0240a9435ef0d498d69f939c08c66baf4152ff81fd2fa038
-
SHA512
b1f2947684576139a7fd05d09e6fb363641fc3a72165c609f3ab2b3edf418c7104721ddec163cc59e8997a5f4172a2aa123cfc67f919fc5bba343b6bf55045e1
-
SSDEEP
393216:ErPcgj2JunPrZTxaR8fEg5lQZw+lsrwARFIpuCZoc0EDa7EiAt:ErPFXlwSfEeQy+EwARFIUCycxO7At
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\da4cc7857119f58f14ebad6849c905ad_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\da4cc7857119f58f14ebad6849c905ad_JaffaCakes118.exe"1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14KB
MD5d8ccde4f7d6110f806c9c63b30bfcb8c
SHA17b8ef1099bb5eced652fa82278470a4dbb8a4e97
SHA2567315ee331d39fbbb1b9e3b8c1d7ebb599b68d9916270add229dcabb59c975cc7
SHA512068fcc59ccbdce8d01797df90185956485adbbeaab6859f87ecaef12203d7369f95d1834de7e5bf1221c0c1543ef5f69bf29cc1345e95ed046d2ecbc142312fb
-
Filesize
697B
MD57ee49519b42fe984adcd9cbcbc49d009
SHA1a62c96a2ceafd93d17435249d70513b1712477ec
SHA256922f22245493c60ce17e2e1faca56c3ccd547f713408e59fa4048b82811982fd
SHA512dfaf49aeeeca68f2ac1b442c165577dd4c43c8c9f5a52c7ace4d40ec16686d594f8984c2a19197901e10785b9446540db5648da2eb92833e6c9727aa86cd2f56