Analysis
-
max time kernel
134s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system -
submitted
18/08/2024, 18:55
Static task
static1
Behavioral task
behavioral1
Sample
a7d32f2f8d442fefc472c12f3e31597b_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a7d32f2f8d442fefc472c12f3e31597b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
a7d32f2f8d442fefc472c12f3e31597b_JaffaCakes118.exe
-
Size
211KB
-
MD5
a7d32f2f8d442fefc472c12f3e31597b
-
SHA1
c4255f54e7ee93849f65e2bbc4331bb5e5943b09
-
SHA256
466d2b5c7407880d90ec9043e2aaad4074d7f95c88bb69effc936e45268ee272
-
SHA512
bac4d50d133ad6f67401e10da5050ee62472f39b33cbf73a04107176aab6c4463c216429889e8bbad4a18aece5fc761e52b50cd10e5e67f102fb3a74dcebfbb0
-
SSDEEP
3072:LsTdwBYOIPPjXYiFnZWpil6GGHU4E6lvbyOurCrOIHhEB453w:LsTyw7XYiFnopil6PUsZBSIHhk45g
Malware Config
Signatures
-
Program crash 1 IoCs
pid: 4596, pid_target: 3060, Process: WerFault.exe, procid_target: 83 -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened, ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language, Process: a7d32f2f8d442fefc472c12f3e31597b_JaffaCakes118.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\a7d32f2f8d442fefc472c12f3e31597b_JaffaCakes118.exe "C:\Users\Admin\AppData\Local\Temp\a7d32f2f8d442fefc472c12f3e31597b_JaffaCakes118.exe" 1⤵
- System Location Discovery: System Language Discovery
PID:3060 -
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3060 -s 264 2⤵
- Program crash
PID:4596
-
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 3060 -ip 3060 1⤵
PID:4912