Analysis
-
max time kernel
141s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
12/08/2024, 03:18
General
-
Target
8d19f3dd50776ce064e2a665287682f6_JaffaCakes118.exe
-
Size
163KB
-
MD5
8d19f3dd50776ce064e2a665287682f6
-
SHA1
599fe3a97d9c3290a6d4f202fd251f605f5c1127
-
SHA256
7157e1469a315f2cfc8c38ee03a5c4d025428fba40a5cecc4859a9c3616265f8
-
SHA512
3497b1bd37ee46ad13a22e0fbf3a5737ffbd5ba94457a50c24bbd33728275001f7e2df3829b60af34b886ab70fc55fb697b60ce9fad74a261739cfa2c8b08164
-
SSDEEP
3072:3y+kOL/10H3UnADB/h/OwHdGBjIWVCbGHTYJWfl1iX3cO4e/P86rWiIaLHp066gV:3f+HHewAMWV1HTtrIcg
Malware Config
Signatures
-
Downloads MZ/PE file
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\8d19f3dd50776ce064e2a665287682f6_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\8d19f3dd50776ce064e2a665287682f6_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2680 -s 12362⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 2680 -ip 26801⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD5ef7b8fc0d77085b0ad9fb5aad5736d35
SHA17b5abc77d730544c82f469c5e181f220a21c7574
SHA256ef929da4856b72f9d56c3af9cc0c7164beff0016446b139f64746bf8bd9e9aed
SHA512fadb575e6abf1699dd0358d4fe0524d4c50008d168d90fb15aa7a93698e5410142bf899202c4aa32d962cac786b666126eec3ebdff21ec029015b9bf3c52ebb2