Overview

overview

3

Static

static

3

de53891772...18.exe

windows7-x64

3

de53891772...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/09/2024, 13:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    de5389177296c144487d0307544eabdf_JaffaCakes118.exe

  • Size

    928KB

  • MD5

    de5389177296c144487d0307544eabdf

  • SHA1

    c38e5f1b24ecd33a6d14456567c8430071a318d5

  • SHA256

    96b9430fb9f4b94622d041c3086ffecd7758757b66363cdd5ae4891dae628caf

  • SHA512

    f31bd3b912586ce57a437514e9b5183e8d99ff1b17350f299d3362bfb597546c7e6cca6e041b4fe7bb9e1bfce526429d25f517b48edd10153e1f7c146c8c653e

  • SSDEEP

    12288:d7dmnKJXatixs1M6WQAaelqByUGS66Q61TEhn7fgBaTQJ+BQtddX:d7dfTe1vWQAaelXK71AwaT6+BEdd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\de5389177296c144487d0307544eabdf_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\de5389177296c144487d0307544eabdf_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1364

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1364-0-0x00000000006B0000-0x00000000006B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1364-1-0x0000000000400000-0x00000000004F1000-memory.dmp

          Filesize

          964KB

          Download