Analysis

  • max time kernel
    95s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20250217-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/03/2025, 15:21

General

  • Target

    JaffaCakes118_59d8047bef1d50eaca2c273f8e737c75.dll

  • Size

    110KB

  • MD5

    59d8047bef1d50eaca2c273f8e737c75

  • SHA1

    b2cc66426942941e22523702ce4f96c8bf2e8c94

  • SHA256

    c56774949643b4dddc5bb00508246d4a26f63792a94a23d5ccd9d9205213ca26

  • SHA512

    6ea4e20798089a3549629d457c1db69e445f4e9db158d617ee2a4c9cf20dff7818780d682c7724c5194b7906a016ebef740cdcb02a33574c3a8f7afae61c69e9

  • SSDEEP

    3072:Pfi0kh7fqysVjCmu07AFmj4xnQI9fU8p6urqpvef:i0kJSyEjRXAVKIFf6urqpv

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_59d8047bef1d50eaca2c273f8e737c75.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1028
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_59d8047bef1d50eaca2c273f8e737c75.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2344

Network

MITRE ATT&CK Enterprise v15
