Overview

overview

3

Static

static

3

eac3a34255...18.exe

windows7-x64

3

eac3a34255...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    96s
  • max time network
    97s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-09-2024 06:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eac3a342558a1bd9940ebd9b798a2077_JaffaCakes118.exe

  • Size

    76KB

  • MD5

    eac3a342558a1bd9940ebd9b798a2077

  • SHA1

    7c62b0e084d42e70089dbb0306dc3e162a056ac5

  • SHA256

    82985b3d6493c72ae46639132081b9be72eecd503b4e4d7e4e7a6629f3170088

  • SHA512

    1831b05a1719694f23e0154891975fbed361ec44acce890b7eca951bc7f2ba83cc722f82ec0fb9b6af0a6ecb9084d9686e9c4caeac461e4e3a9e03e05ec8dc92

  • SSDEEP

    1536:9/Iq9bL2EEUZh7fgGHl+qSkqjxU+4qXsdfva+:JIWbD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eac3a342558a1bd9940ebd9b798a2077_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\eac3a342558a1bd9940ebd9b798a2077_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4740

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4740-5-0x00000000021C0000-0x00000000021D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4740-4-0x00000000021B0000-0x00000000021C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4740-3-0x00000000021A0000-0x00000000021B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4740-2-0x0000000002190000-0x00000000021A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4740-1-0x00000000005E0000-0x00000000005F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4740-0-0x00000000005D0000-0x00000000005E0000-memory.dmp

    Filesize

    64KB

    Download