Analysis

  • max time kernel
    37s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    08-10-2024 19:47

General

  • Target

    247e2ce013cbda5db987f42355048389_JaffaCakes118.exe

  • Size

    708KB

  • MD5

    247e2ce013cbda5db987f42355048389

  • SHA1

    1709f83e2066fbbfc9cac502807cb733ebafed6d

  • SHA256

    778a433f0c438f5f4ad261e0c14d350e37f10d8fe4ca7794da84052aa114f94c

  • SHA512

    118680110ef4ba7d344861f052a9d28a1d3a2b2095c0e365ede6341fda44a06faf74b75ab087cd3618020e7c4ef3eca556fbbb4aa63106beb9ea23e04751f5f3

  • SSDEEP

    12288:NNSj3CYRyjC5bhPCd16IUjlNktoJEq/y6INX6LRgU7e9Yn33PZfqFszaldJmlgeF:5CVhPfNDktoGq/wKgDC3hiUaldq5LgA6

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\247e2ce013cbda5db987f42355048389_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\247e2ce013cbda5db987f42355048389_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    PID:488

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/488-0-0x00000000748EE000-0x00000000748EF000-memory.dmp

    Filesize

    4KB

  • memory/488-1-0x00000000002C0000-0x0000000000378000-memory.dmp

    Filesize

    736KB

  • memory/488-2-0x00000000748E0000-0x0000000074FCE000-memory.dmp

    Filesize

    6.9MB

  • memory/488-3-0x00000000748EE000-0x00000000748EF000-memory.dmp

    Filesize

    4KB

  • memory/488-4-0x00000000748E0000-0x0000000074FCE000-memory.dmp

    Filesize

    6.9MB