Overview

overview

7

Static

static

3

3ba31df3ab...18.exe

windows7-x64

7

3ba31df3ab...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    98s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2024 19:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ba31df3abb126a266e800a9ccb4c4aa_JaffaCakes118.exe

  • Size

    184KB

  • MD5

    3ba31df3abb126a266e800a9ccb4c4aa

  • SHA1

    17a464fde7f29103fabae891524f908dc480baf3

  • SHA256

    23b92aecf8d7e559541c1f29e38b02b79bca56fc112d1c21bf0e35d29351c2e8

  • SHA512

    b8a129c42510c502e96f89b1355200d9b04b993b8453f91d73c88e6ab05bb405028a664706b7a98f94a52c4dcfcfc2545dc11a35d24f2f1b6a28870ac70a5e49

  • SSDEEP

    3072:xuRroT0xcOAEAmjyMhaOc8AMUXYMTxXldk7xKDP7VylPvpFv:xuhoxDEAhMkOc881BlylPvpF

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ba31df3abb126a266e800a9ccb4c4aa_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3ba31df3abb126a266e800a9ccb4c4aa_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1016
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1016 -s 216
      2⤵
      • Program crash
      PID:4864
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1016 -ip 1016
    1⤵
      PID:1708

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads