Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/09/2024, 09:16

General

  • Target

    de216b7029387dae795f9f19a1467d99_JaffaCakes118.exe

  • Size

    1.2MB

  • MD5

    de216b7029387dae795f9f19a1467d99

  • SHA1

    84efb66b3b1ba5642214c1b39b82a8835458850b

  • SHA256

    8d3e646bd4880f1be9f6f7814e0ae4014a0fcdb1da904cdcd3227ab57c1b939b

  • SHA512

    7087f9a987ecc230de87556d93b58a49ee7ab01bf6f15c746f722a00a30a72412720716e5bc22462befd883eeb5040fa6916c2a35f79e7438d235349f21eb57a

  • SSDEEP

    24576:dJcp8OjMh1MyVZzEIHz052AVUapmkFDAMWHwVWDJY2oGTeVS0PD0:KdbpFDHP0xTeVI

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\de216b7029387dae795f9f19a1467d99_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\de216b7029387dae795f9f19a1467d99_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    PID:3008

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\SogouPY.users\acc.dat.wtm

    Filesize

    80B

    MD5

    c8947e8f059b3e39fcbe6437dfaf71f4

    SHA1

    2f822c297808f1d47efaa88954e6ad6d007bbf7b

    SHA256

    c2879c6ecae27dc312adc7ad1a8743dc336a915de2c0b0d768efe1cdf7cadcac

    SHA512

    0d511eb72c64dd29f6da4b029c40c5983ee32d01e4fb33e8a94e42e77b9f4984261ff7b194cd0216f23a6f9beebff5dedc2ddc1fa1cbfcdf2f483058eaa5bd1b