Analysis
max time kernel: 150s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 20/09/2024, 22:53
Static task: static1
Behavioral task: behavioral1
Sample: ee96418acc1f08a3c478730ab7cd0538_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ee96418acc1f08a3c478730ab7cd0538_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ee96418acc1f08a3c478730ab7cd0538_JaffaCakes118.exe
Size: 112KB
MD5: ee96418acc1f08a3c478730ab7cd0538
SHA1: 3800ed71944601bdda0ecea5d70efa6236778a83
SHA256: 8f1eb941048a6ea4f2fd2262c10cbf09fbe2d2b1278c1b9ca18f65d48bc77734
SHA512: a6f5977011a33d1c1c9b98595183d76e64698183ce218281a5267cac1aa0b832a90fed1c0615af9c05e28caa302655fe4a3828dbe19acc15cafd68bee529c649
SSDEEP: 3072:VVJbTdZCcdjnthb3SbEuF/SWaH+BMvywf:VVVdBhrduF/SW1Kvj
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: ee96418acc1f08a3c478730ab7cd0538_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx 1 IoCs
pid: 2352
Process: ee96418acc1f08a3c478730ab7cd0538_JaffaCakes118.exe