Overview

overview

10

Static

static

3

dad0bad821...18.exe

windows7-x64

10

dad0bad821...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-09-2024 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dad0bad821829c4054e0ff978a93a213_JaffaCakes118.exe

  • Size

    316KB

  • MD5

    dad0bad821829c4054e0ff978a93a213

  • SHA1

    2fc99ae3fad4f5e62d715f14912aa91c869a2421

  • SHA256

    598b3290c262110d7890dbb0e814722762f49662536cacd600510df6cb38ea20

  • SHA512

    4a1313e98403bc80f3dd765817844699ed07149cc5ff452c656e19ad31db3d0f08cc4307279c758e0f0fcb39da7cf03ac4cbaf3fe9287a608fc0cc4a269d793b

  • SSDEEP

    6144:w2gs0IO/PnA5oKEzGWkUdYo0j0gwo0bgE+TWrKJyXP2XoZ41It0qAo:eV/PnvbFdtHXN+TWrKJ7J

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\dad0bad821829c4054e0ff978a93a213_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dad0bad821829c4054e0ff978a93a213_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\meh7AB0.tmp
    Filesize

    208B

    MD5

    84cbb208ba78ffb98a02e61957945046

    SHA1

    fc73142dd133f3dc9bb43e12dc92469f186a86a0

    SHA256

    dfce9507b1867c865b2c82eb5d3d264df36750c624969a6c1e8d5458a4d317d2

    SHA512

    6088183e856259a611f7cfdbf39f357f9ede1ec368e953454369fc9d064a05088fb2b9178d67dd3675b325ebdd0a974bdf0edc3a68e4a4603becd0ea9bb15252

    Download Submit

  • memory/2860-28-0x0000000000401000-0x0000000000402000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2860-27-0x0000000000770000-0x0000000000771000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2860-29-0x0000000000400000-0x00000000004C3200-memory.dmp

    Filesize

    780KB

    Download

  • memory/2860-31-0x0000000000400000-0x00000000004C3200-memory.dmp

    Filesize

    780KB

    Download