Analysis
-
max time kernel
141s -
max time network
128s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
11/08/2024, 01:33
General
-
Target
887ab0ea23c02f03b6ccfec5e19c51d9_JaffaCakes118.exe
-
Size
94KB
-
MD5
887ab0ea23c02f03b6ccfec5e19c51d9
-
SHA1
0a2b409f629cf60a9699b19e48a60703f0c43167
-
SHA256
e906a7ce91077e86426f103c8b2ff92afc1cdb268061cf12fb04f6279dbe9aa9
-
SHA512
e6bbb20997edee0ebb96ae22c677d9ceccb69fc60606a0c06af83237de063f7bb2d4ee636753003b100fbc5231a5038cf0f4d4eb25fe157c1ec1f8a9e04ef4e7
-
SSDEEP
1536:xBs0QKcZ0WwjUnLxWiisz0NjFDpgYf0yc7on9juwmCyAQpKSJWUe:xBVgj3LYsihDm+V8K9jfmCypKsWUe
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\887ab0ea23c02f03b6ccfec5e19c51d9_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\887ab0ea23c02f03b6ccfec5e19c51d9_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2840 -s 2642⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 2840 -ip 28401⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3960,i,15436195446242760253,4000484513008731869,262144 --variations-seed-version --mojo-platform-channel-handle=3784 /prefetch:81⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
100KB
-
Filesize
884KB