Analysis
max time kernel: 150s
max time network: 131s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 19-09-2024 00:33
Static task: static1
Behavioral task: behavioral1
Sample: ea42bf917509f05ec6914f806320e25a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ea42bf917509f05ec6914f806320e25a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ea42bf917509f05ec6914f806320e25a_JaffaCakes118.exe
Size: 92KB
MD5: ea42bf917509f05ec6914f806320e25a
SHA1: 8e9e399564ebda3fddb9ec0c25a1fc1748f4d3bf
SHA256: 1ee1493b2d951e2b1d139a35442d8b1defaf853ce1068937d1f1346b8007c974
SHA512: a59d3089840274888da37f2d28fa6c969b543ff5a284984c5c2d8e2cb6b972702d1f4516ffbe9dfe59a79179ee00461f3c13f57d1962dd74a3ca47079d5e14a1
SSDEEP: 1536:mStuzZStGbT5XZCcdjcUtxfb3SbWtuF/waWmP:UVJbTdZCcdjnthb3SbEuF/waWQ
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: ea42bf917509f05ec6914f806320e25a_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 3040
Process: ea42bf917509f05ec6914f806320e25a_JaffaCakes118.exe