Analysis
-
max time kernel
94s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
06/09/2024, 18:48
General
-
Target
d03b552ebc97855b29926937262cb3a6_JaffaCakes118.exe
-
Size
400KB
-
MD5
d03b552ebc97855b29926937262cb3a6
-
SHA1
2438d0ee015376b038a7e3b633751a553a4befbb
-
SHA256
295b95b5bed4d5e594991a675a95028843c1b272a00d299a54824b77ef1efbc3
-
SHA512
badaf5015e5a8fe9bfe70d738ae37e036f366501a9eb2e7780f018b4a5a6b138d952d463b066be13b2a1580228aa11247cc6fc1942f2891306713bbbcd2dd9f2
-
SSDEEP
6144:A+tmUTQKK5jM78yMWgzCEf+IpJLxma/SOoY5sZjRB5T6ssS6WfR5mKC5ldshvN:BnTQKI+MWgzCEGIvLjq6sZtL+4fLkde
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\d03b552ebc97855b29926937262cb3a6_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\d03b552ebc97855b29926937262cb3a6_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5016 -s 5082⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 5016 -ip 50161⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
20KB
-
Filesize
808KB