Analysis
-
max time kernel
93s -
max time network
97s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
25/09/2024, 04:47
General
-
Target
f537da3e7a8d30f00a46407ac6e6877f_JaffaCakes118.exe
-
Size
41KB
-
MD5
f537da3e7a8d30f00a46407ac6e6877f
-
SHA1
e6b5f585c5b1e19108f871001bd3caa4d021714c
-
SHA256
148081ca2368bffff2658312c758aec69fb8c48e65e6ef9269a0e6d849ebe591
-
SHA512
63e8e6676a0675ee3cf9d77c9883fb48265c98d6a32200541555d16fa66839d5b929def0111e6adfd79431b31c0a94e5651556a25817cf55b6a030e4c4cc7fbe
-
SSDEEP
768:F7B4iviJkalCmFMB40dRTYLryC1BJgxAlZWi7EKDEI/qGeJ13Da+17U5W8qbyY:F7BCe7mFMa0dhQr/1TaAl0i2pPR1YERz
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f537da3e7a8d30f00a46407ac6e6877f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\f537da3e7a8d30f00a46407ac6e6877f_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4a0 0x3d41⤵
- Suspicious use of AdjustPrivilegeToken