Overview

overview

3

Static

static

3

112aa99ad7...18.exe

windows7-x64

3

112aa99ad7...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-10-2024 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    112aa99ad7b2d78b8bf35db1cf941cf0_JaffaCakes118.exe

  • Size

    609KB

  • MD5

    112aa99ad7b2d78b8bf35db1cf941cf0

  • SHA1

    a595ac00adea1cd4c84644fc7e43e92851ed1864

  • SHA256

    eedcb2348ffef18503250dacde9a10c84a36e46357011e9c08c4a47ae169f09e

  • SHA512

    2d5b64b2a7e10eeb0215e8a0414be8078bb4badbc1bed737e18d92b78ddbf6d5cee1d8c4f79a905519449c1bff73110d94c82f4ae82981acd617f8c3e69d9d29

  • SSDEEP

    12288:gNarN0vwK5iNz2QQg/uXXsy9Dcj9bOaNTTRJuU:zJ0h5iNz2Qv2XXsy9DcjHN/77

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\112aa99ad7b2d78b8bf35db1cf941cf0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\112aa99ad7b2d78b8bf35db1cf941cf0_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2520-0-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2520-1-0x0000000000400000-0x00000000004A2000-memory.dmp

    Filesize

    648KB

    Download