Analysis

  • max time kernel
    94s
  • max time network
    97s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    12-10-2024 12:31

General

  • Target

    3a0703750278993165d80378f1191aed_JaffaCakes118.exe

  • Size

    687KB

  • MD5

    3a0703750278993165d80378f1191aed

  • SHA1

    90dbd39584d3880d136a07db05df702e25aaf67e

  • SHA256

    50156dd3e4632ef5109a4fe726a4ac5a533c8043002677e774acf2520b5b1287

  • SHA512

    080f8bf558ccfd2b3c527f45f3f2dfed5e304e901252c38783bdfd74badefa26ab7a4fe9ce43349155d582ffe42dc5ebe107d6532ecb6efe213a0b9c87898966

  • SSDEEP

    6144:GB9Fk9Su+G/ly0xXz0oNlsOzrRJ3KbNCLbw/zooRT5rTyTOXOqmuChHoaNDBW2LK:GqSu+G/ly0xXzZFM8Lkz1/ChH7m2G

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a0703750278993165d80378f1191aed_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3a0703750278993165d80378f1191aed_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2664

Network

MITRE ATT&CK Enterprise v15
