Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/09/2024, 05:22

General

  • Target

    df9171a8530d12e7aab5595e35e6f60d_JaffaCakes118.exe

  • Size

    33KB

  • MD5

    df9171a8530d12e7aab5595e35e6f60d

  • SHA1

    15bd3f85ddc1744f922475a477b2b3298c42cd9a

  • SHA256

    28b1051004d2f0ca424164614ce2fcdd33efbaf52d3efe6d4e649b8c60e84db7

  • SHA512

    c401f8940a407dab8af576066e760cbea9809b814668c61abe77c375ad7ccfe0f7241c6e0d470d368263ae4d44f303b95cc3a2c27029e945a39911722b6c7e90

  • SSDEEP

    768:m8mydAtfPj8KXJXxGz016WzS0LYON6eepd4Jqr:HtAZw2JXxGQbS0161pZ

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up the country code configured in the registry, likely for geofencing.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\df9171a8530d12e7aab5595e35e6f60d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\df9171a8530d12e7aab5595e35e6f60d_JaffaCakes118.exe"
    • Checks computer location settings
    • System Location Discovery: System Language Discovery
    PID:2740

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\plugs\mmc186.exe

    Filesize

    16KB

    MD5

    7e1e7d4cba87bc3319ba364d6e80a76b

    SHA1

    74106b1c688ff060f3eeb4c96a6cd396c56ad131

    SHA256

    c0ef699387e41ab836b0276f72c08f0963105b97cb051602d4743b29619c860b

    SHA512

    18a904f5cf92ed651112d978edd8516fa63540028b829545b4dfa722d1eb494143ceb76cd7fe8adaaf7cf155cb84f9d75410b1821ee6f17c03a135479856bdf2

  • C:\Users\Admin\AppData\Roaming\Adobe\plugs\mmc186.exe

    Filesize

    16KB

    MD5

    d24c05526a65d8261b60e1b531286420

    SHA1

    9b196880cb3744e03629302628e18e9b6da9c71e

    SHA256

    b9b746c5f5de8b083b2e9208aec4e3878f265f71238a913bf1b07d21e96c4f36

    SHA512

    d8f6085d3a0f80eef8dd1563c77c6a4be24cd30bcaafd85c79ea7c6b61a71c1fd2c41e8a387902e48cbe1ee5f7211f2b4f6f18eee76234106107bdc3710e2c70