Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/10/2024, 13:59

General

  • Target

    30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe

  • Size

    127KB

  • MD5

    30398dc5afb28c208a3c42b9bc20425f

  • SHA1

    e8461636c885f1f90b3b4d5e178d6674140c1ddd

  • SHA256

    c9ce450b25ee5d85cbf910231065c1f868bc74612766a82b6263355ef9f6484e

  • SHA512

    9830cbde6d423cb676c5b9c47ded0913f46c7087c5fd8a7335112d175773c8634e34d4d0c0c8a8e0de1c3f9485b5a80a15dd1c7219514bb20011562a79c7a9de

  • SSDEEP

    3072:Xd9xR3G2BZMbBLBaYw0coLujNHEyP0EKMQkpeP:Xd93ZBZMbqYgomHeMQ4eP

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\30398dc5afb28c208a3c42b9bc20425f_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4796

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4796-0-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB