Analysis

  • max time kernel
    132s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    28/08/2024, 17:49

General

  • Target

    c75932891e5a817d11f0d285c64e17a3_JaffaCakes118.exe

  • Size

    419KB

  • MD5

    c75932891e5a817d11f0d285c64e17a3

  • SHA1

    52c29e9173be08856b77fbfaf6beedf41a14988a

  • SHA256

    e76022f7d0b18e0b9c2c6bdbcdcd4ca02d7574961e7e04a995e3bf2885b63459

  • SHA512

    ccc1a678e8d5e663295ab25c0c9e5b99704fec02fcf608a6bb3300134a0fdd4f8894f552471acd01bda516dce769f1e772d25679f846ac40a8b1e4c5e544ace2

  • SSDEEP

    6144:TZaQE9qioViBT48tkLsuVv/BfLQnOKoXYXf7ZZziINiU3EVH1MjZPXe55rjpTAWy:UQE94V4415dWgc7rGTUUh1kG5Bp8wrA

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\c75932891e5a817d11f0d285c64e17a3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\c75932891e5a817d11f0d285c64e17a3_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2872
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2872 -s 224
      2⤵
      • Program crash
      PID:2284
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 2872 -ip 2872
    1⤵
      PID:3492

Network

MITRE ATT&CK Enterprise v15
