Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
13-10-2024 09:21
Static task
static1
Behavioral task
behavioral1
Sample
3f0accc1782daee8a324b26aaf03db50_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3f0accc1782daee8a324b26aaf03db50_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
3f0accc1782daee8a324b26aaf03db50_JaffaCakes118.exe
-
Size
552KB
-
MD5
3f0accc1782daee8a324b26aaf03db50
-
SHA1
89caa2596a844ce10ab3634c1d89a1407b4f3dae
-
SHA256
b9c7acccdc00534dab84bdf10e8127e789a697097b4824ec3bb22c165100c35e
-
SHA512
ffdfb46a1014a001c4548e2ebf79e2411de94927c3f5f10419fd3c802c772083f5dc9edd1d24998059b5e3bbca73290498a3165eb45dbd635cfdce5dcdb5aade
-
SSDEEP
6144:Vj7+BvuQ5+BYRVHBCFEZasyk+OpPAGYDZcVl5qvi84Ji8ALpXjCUFE5EQ:VjSAQICVHBCFw/+Op+aUvivPALpuUFW
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 3f0accc1782daee8a324b26aaf03db50_JaffaCakes118.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process
2344 3f0accc1782daee8a324b26aaf03db50_JaffaCakes118.exe
2344 3f0accc1782daee8a324b26aaf03db50_JaffaCakes118.exe