Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
27/01/2025, 20:33
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe
-
Size
659KB
-
MD5
4370f30a8ff5ca6a92cb41dd5c6eb630
-
SHA1
62533e76e25b58615a96d70b4913e74868a3b886
-
SHA256
a59f4e9896c128232dd7df54e68fe550688527348b57fdc79a355b82d9352285
-
SHA512
eceec368c0c951968cb8460138567e38852eb23217d955ff770159b4b4ecfd2e652c73cc0d6745709503d8fc77af9deac83263f39f6d9ea713e378b97d819493
-
SSDEEP
12288:KxOKNZvg35P0CIqfss3NTBizEMARGTqUQ4Oehv/B+:K0KNZvaP0ZsdTByxLuUQs90
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 1312 JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe 1312 JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe