Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27/01/2025, 20:33

General

  • Target

    JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe

  • Size

    659KB

  • MD5

    4370f30a8ff5ca6a92cb41dd5c6eb630

  • SHA1

    62533e76e25b58615a96d70b4913e74868a3b886

  • SHA256

    a59f4e9896c128232dd7df54e68fe550688527348b57fdc79a355b82d9352285

  • SHA512

    eceec368c0c951968cb8460138567e38852eb23217d955ff770159b4b4ecfd2e652c73cc0d6745709503d8fc77af9deac83263f39f6d9ea713e378b97d819493

  • SSDEEP

    12288:KxOKNZvg35P0CIqfss3NTBizEMARGTqUQ4Oehv/B+:K0KNZvaP0ZsdTByxLuUQs90

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_4370f30a8ff5ca6a92cb41dd5c6eb630.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1312

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/1312-0-0x0000000001560000-0x0000000001561000-memory.dmp

          Filesize

          4KB

        • memory/1312-1-0x0000000001560000-0x0000000001561000-memory.dmp

          Filesize

          4KB