Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/10/2024, 17:17

General

  • Target

    310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118.exe

  • Size

    176KB

  • MD5

    310a7e9ce47023fc8b3d426aeb60be45

  • SHA1

    39fc1c51ee3f7e21c41664b436c6700c8a830149

  • SHA256

    8ba8d49d0fd7255993d39e856494991265858e7f11b8e30909ace0ee2a59d23a

  • SHA512

    0ebdd000c02ae20a3c80faa6924f40e7f102e05edc3115df492caded6a02a6643b5eefe989c31f4f50c8e8db842387b278d7fa7de45cb3cda1b0fd9c9bfa01f0

  • SSDEEP

    3072:27FFmH3uMd8gpEI5P2LnXFCo3yP3xH4xC21LTIoZfE6R47nc+m:27FG8KL2zXyGk4P4QN

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\310a7e9ce47023fc8b3d426aeb60be45_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3364
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3364 -s 160
      2⤵
      • Program crash
      PID:4744
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3364 -ip 3364
    1⤵
      PID:1332

    Network

          MITRE ATT&CK Enterprise v15
