Analysis
max time kernel
93s
max time network
102s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags
arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted
26-07-2024 13:25
Static task
static1
Behavioral task
behavioral1
Sample
743dffb35937bc120f647deba307f818_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
743dffb35937bc120f647deba307f818_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
743dffb35937bc120f647deba307f818_JaffaCakes118.exe
Size
196KB
MD5
743dffb35937bc120f647deba307f818
SHA1
a6939f9d34831101e0545fdbaa38abd0b77d50cc
SHA256
85dadf38f208324d888d49dd8b73cf88fa6344f2816f108655a95c46f65e8101
SHA512
6d676c6b0d36b9b9c87e984388c998920920e3223eaf6c2e570c65a45f668ef786aa712bd0384425df606e0d0273fb9155bcd2cf34afad5f0a789c24746abd0a
SSDEEP
3072:oetj81dibBYjyUgC87likUjFNkRlIHaG1kKN:u1EtBCIiklkXb
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | process | target process
3028 | 4176 | WerFault.exe | 743dffb35937bc120f647deba307f818_JaffaCakes118.exe
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
743dffb35937bc120f647deba307f818_JaffaCakes118.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 743dffb35937bc120f647deba307f818_JaffaCakes118.exe
Processes
C:\Users\Admin\AppData\Local\Temp\743dffb35937bc120f647deba307f818_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\743dffb35937bc120f647deba307f818_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4176 -s 272
2⤵
- Program crash
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4176 -ip 4176
1⤵