Analysis
max time kernel: 140s
max time network: 149s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 10/10/2024, 13:59
Static task: static1
Behavioral task: behavioral1
  Sample: 30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe
Size: 127KB
MD5: 30398dc5afb28c208a3c42b9bc20425f
SHA1: e8461636c885f1f90b3b4d5e178d6674140c1ddd
SHA256: c9ce450b25ee5d85cbf910231065c1f868bc74612766a82b6263355ef9f6484e
SHA512: 9830cbde6d423cb676c5b9c47ded0913f46c7087c5fd8a7335112d175773c8634e34d4d0c0c8a8e0de1c3f9485b5a80a15dd1c7219514bb20011562a79c7a9de
SSDEEP: 3072:Xd9xR3G2BZMbBLBaYw0coLujNHEyP0EKMQkpeP:Xd93ZBZMbqYgomHeMQ4eP
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx 2 IoCs
pid: 4796, Process: 30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe
pid: 4796, Process: 30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe