Analysis
-
max time kernel
69s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
17-08-2024 02:09
General
-
Target
a0d26efd5ebca8fd27f8e655cab29d1c_JaffaCakes118.exe
-
Size
3.2MB
-
MD5
a0d26efd5ebca8fd27f8e655cab29d1c
-
SHA1
fd957a890ee5a0466e6a015cd573929e3c16cf5b
-
SHA256
cd0af46788be1f97e360055601a332ec2aea36dde8589dde2f34530581f879ef
-
SHA512
88397e87b6f9fa5d8e4d71177a606ebb8ff48c348edf1566b507fd6a0c106642a4ff0bfb26250573119ebc5e8d5b081ccb33d3845e7e4cd622501b7e120688f5
-
SSDEEP
24576:6SylwQP9zWm8s4SI8LUlFl5FpmM84pHBsbSAOidYrovp4Tp9aQCoGsXHR0A5G:RQP9zWmTQcY/mM84pHBMO+YrovpU/903
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\a0d26efd5ebca8fd27f8e655cab29d1c_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\a0d26efd5ebca8fd27f8e655cab29d1c_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3612 -s 2162⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3612 -ip 36121⤵