Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/09/2024, 08:56

General

  • Target

    dfdc25afa916dbb34f3c978f7274eb45_JaffaCakes118.exe

  • Size

    2.2MB

  • MD5

    dfdc25afa916dbb34f3c978f7274eb45

  • SHA1

    2f03697b45444dac4beea8a1de797f6b048c442b

  • SHA256

    5e2fd81a5fe02cc2714ed000e258b178ac1382c57ee70daccfc1df3f1a0aa980

  • SHA512

    c029171a0d9bf5bcc121a42ea7d37151b5c4daf1225bfcbd8306f9dbe7dc77b7f2d8909ba2cbc624bd7d8b276b7cba7c0a78cc6550a46157e772dc22dab8be0c

  • SSDEEP

    49152:Ala5TxnWfqCppTZG8k68v7g/13n/UfJIMk8L6uiYJvFmXFmxZaw:AI5luqCp5M3sd3n/Ufo3ISXU7a

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\dfdc25afa916dbb34f3c978f7274eb45_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dfdc25afa916dbb34f3c978f7274eb45_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    PID:976

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/976-0-0x00000000033A0000-0x00000000033A1000-memory.dmp

          Filesize

          4KB

        • memory/976-1-0x0000000000401000-0x0000000000402000-memory.dmp

          Filesize

          4KB

        • memory/976-2-0x0000000000400000-0x0000000000639400-memory.dmp

          Filesize

          2.2MB

        • memory/976-3-0x0000000000400000-0x0000000000639400-memory.dmp

          Filesize

          2.2MB