Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/10/2024, 01:28 UTC

General

  • Target

    08415400be1d46a0ab2cd501a087a7e8_JaffaCakes118.exe

  • Size

    44KB

  • MD5

    08415400be1d46a0ab2cd501a087a7e8

  • SHA1

    86be9fa49019c8508a57ac2fe59f1e5dc057e356

  • SHA256

    e1be34734707b5a208c56378635b987bbc5043e72dfa3c03a857b5e3fa53381c

  • SHA512

    0d9596f4ee4b32b5031c79c9dcbb0679ff589454d90b890c9e4fed9ea613c7f066cde18dc694b70e02b7298ced11c03af42ad3067c0f5e30e95e091f3e91e921

  • SSDEEP

    768:mfk94gfA3vyyWr3CCPVdJQ2L0N++B752Kd:m8ugfA3vy20dJQ2Yrt2y

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08415400be1d46a0ab2cd501a087a7e8_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\08415400be1d46a0ab2cd501a087a7e8_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2056

Network

  • DNS (remote address flagged US)
    updatebiz.fe100.net
    08415400be1d46a0ab2cd501a087a7e8_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    updatebiz.fe100.net
    IN A
    Response
    No results found
  • 8.8.8.8:53
    updatebiz.fe100.net
    dns
    08415400be1d46a0ab2cd501a087a7e8_JaffaCakes118.exe
    65 B
    138 B
    1
    1

    DNS Request

    updatebiz.fe100.net

MITRE ATT&CK Enterprise v15
