Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
11/08/2024, 02:20
General
-
Target
889e8dd8d5dc437974aba766627b22bc_JaffaCakes118.exe
-
Size
3.7MB
-
MD5
889e8dd8d5dc437974aba766627b22bc
-
SHA1
52b79415aa7ed1b9ae460a244ad77cc670c84f50
-
SHA256
8454ab121e6f08ee523ec1b4e50428d8ccca26e4c2bc72621c7ed1dcb11039d3
-
SHA512
b2c9767c9cdfbba2cf2a20f6e59d170c9c69fbfe0dc6e5f6dbdcffa15358045c7c98a8d362a72ba8dd7d85e49612195682fd4ddfe7bf5c772d2bd51677dd924f
-
SSDEEP
49152:lA1i7/yuu9xZJLH2EXNt4/UZqeB0s67i41qvMNV2gWH2M7BJZMxcZGPMLpqfypE5:lWj955XNtdxMeH2M7B4x2GWoqo
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\889e8dd8d5dc437974aba766627b22bc_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\889e8dd8d5dc437974aba766627b22bc_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4872 -s 4042⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 368 -p 4872 -ip 48721⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3.7MB