Analysis
-
max time kernel
136s -
max time network
127s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
23-08-2024 12:53
General
-
Target
bbcf0544525372a48cb7d39285974c90_JaffaCakes118.exe
-
Size
47KB
-
MD5
bbcf0544525372a48cb7d39285974c90
-
SHA1
ab8c843a6a622b5e6a8ca5715f287460b06d20d7
-
SHA256
b8ebdf1a108a3dd19cc95242a0165cb13ede88008d8f75867f91862dde4334b5
-
SHA512
431e6a9e00211c5a5f63e53c137e7674f028a903e1245805f0a4c318fe0f6641df4bb6d0470369f2e2ee55b0ff32257d8bdef3eea71a40952964e0ae640e60df
-
SSDEEP
768:RagDcvogUQd2Z9hAOfdvNX9s3SZDGY8yX3S9Blz4p/p:RPoa9hNvNncyX32/I/p
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\bbcf0544525372a48cb7d39285974c90_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\bbcf0544525372a48cb7d39285974c90_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2408 -s 2202⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2408 -ip 24081⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4344,i,11391966286255097843,10588851088187498028,262144 --variations-seed-version --mojo-platform-channel-handle=3904 /prefetch:81⤵