Analysis
-
max time kernel
23s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
14/09/2024, 03:38
General
-
Target
df6b6d4084024041e0e635796eb4684b_JaffaCakes118.exe
-
Size
5.4MB
-
MD5
df6b6d4084024041e0e635796eb4684b
-
SHA1
fc61b6c2970580c38d27bc344b143dfbc34a98b1
-
SHA256
441c1e2eb40efb8783752cb8d38af2e88142cb6dcfc128fa45d3cc43cd6f4fd8
-
SHA512
4381abc0065b4ec0a241183a739ad8878990f79fd068f1b7d768e857e99174b28c21be492bd383f2cf6b1c2a79b0f27d96deeb0b0a95509798f0a9a48822d88a
-
SSDEEP
98304:NmDlh0kQMOINDIQlzhzgdxF7LXF3khrs9JScJd4MA:YDlygDIqzgdxF7LX8siN
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies Control Panel 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\df6b6d4084024041e0e635796eb4684b_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\df6b6d4084024041e0e635796eb4684b_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
- Modifies Control Panel
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
29B
MD599fb8e84b8aa92889349054a60e1f359
SHA11b3dd1afb4fe4533ca16db4dd3e7845c13b0e1c5
SHA2565313e624a817ebcb34675027d12b87465de4fc4fdddfdd74d244490c4911b8e4
SHA5122a99095109445c3ca1b9fad5c87fdfed331641401ca8d19d3ab4d109e18b9dc5feb739485f14f390bd3bcfa3a4325e3b1278fe1bb8690dd8df16edb9af52faac
-
Filesize
4KB
-
Filesize
4KB