Analysis
max time kernel: 92s
max time network: 144s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-12-2024 17:47
Static task: static1
Behavioral task: behavioral1
Sample: eca9ce5db348469e8a35d1ba90afe9f3_JaffaCakes118.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: eca9ce5db348469e8a35d1ba90afe9f3_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: eca9ce5db348469e8a35d1ba90afe9f3_JaffaCakes118.exe
Size: 821KB
MD5: eca9ce5db348469e8a35d1ba90afe9f3
SHA1: 0f4e5eeb800071dbb77607be5e074edbb48ec29d
SHA256: 3fabe9cdeffaae27669588d8bb64ff5180395d242ca9df43505d226739a2848e
SHA512: c91044c90f614f385cfd898281a48721ca855bb4b091da4a5fbb703079274bb9b4d20c0f3fd19c57af62d57080ad9875dba37d7c028c8b56cbb553accd09304e
SSDEEP: 12288:UzCSurc/foCakvmVNp82o9j0i6HlICb+uhNJgjA/ErSKixCasylPxzsc9HkePaYX:UbuQoCqVNp82xJCCauh2A/EuKi1l7X
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: eca9ce5db348469e8a35d1ba90afe9f3_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 2160
Process: eca9ce5db348469e8a35d1ba90afe9f3_JaffaCakes118.exe