Analysis

  • max time kernel
    94s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    27/09/2024, 08:19

General

  • Target

    fa0d725774c7fdb69ed5d53bd99ba7ff_JaffaCakes118.exe

  • Size

    61KB

  • MD5

    fa0d725774c7fdb69ed5d53bd99ba7ff

  • SHA1

    3e14acf88ee64fbfae981dd86fc475820bd71158

  • SHA256

    7e3bdc893a3fdef5e5b2ea3de28e1b46ecdfe49da38b7449dce220fb56ff11ef

  • SHA512

    d2d4bda51d3cd5dc307dcd9f3c004295f622db4fab512bf7829a01c44fd96d413841eba5080210ad6331e93581f3a5eeb8d9c54dc5a8b6cf17e2e8b2ca350ce3

  • SSDEEP

    1536:MtV7Nqr7gnb0O838B13tnFs/vIwtkQWrbw7f:W/iUb0uB18/vIHtwf

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\fa0d725774c7fdb69ed5d53bd99ba7ff_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fa0d725774c7fdb69ed5d53bd99ba7ff_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    PID:4760

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Windows\SysWOW64\dhbxgm.hun

          Filesize

          94KB

          MD5

          299a7b1a6146cc7f22e8fb4a313d26dd

          SHA1

          f07444e6e9020fd31b20ed6a2223df1b04b8b282

          SHA256

          d514d02dbae14907f280ef70f0f42a027c988de5ec3f0c6a9bc8620d2f4bc76b

          SHA512

          60f714b8768332bba9b952455f384831fa554a918bc1acbb3c75e13e159af3eed0e9a76192e7372d79c7df39f6eb391876f01f997cb5079806d9d7b3114f8d29