Analysis
max time kernel
139s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags
arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted
18-10-2024 08:49
Static task
static1
Behavioral task
behavioral1
Sample
5681b709a6d11a3d2fc1697507f0d3f3_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5681b709a6d11a3d2fc1697507f0d3f3_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
5681b709a6d11a3d2fc1697507f0d3f3_JaffaCakes118.exe
Size
1.9MB
MD5
5681b709a6d11a3d2fc1697507f0d3f3
SHA1
04857c042c7bdefc67560dbc5b26acc1f52a5878
SHA256
7add58a44b0a7739288c0c0410e084fb327422f03bfdbb9973260c2a858dd014
SHA512
61a66b3ec748a38e8756e65db5fa6a804e3e33f693b4ddeecf57a1b992177fd84ec7be07b8c9e5961275c6c7d8d17957f9e7004386b5e682ee4fc33bebfab79b
SSDEEP
24576:3FrOPpTc9+kvjz/qWSBNV8nmR7Cf09+XB/MWyCK:VSPNipSBNKmRL3zD
Malware Config
Signatures
Program crash (1 IoCs)
pid: 1332
pid_target: 1760
Process: WerFault.exe
procid_target: 83
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 5681b709a6d11a3d2fc1697507f0d3f3_JaffaCakes118.exe
Processes
"C:\Users\Admin\AppData\Local\Temp\5681b709a6d11a3d2fc1697507f0d3f3_JaffaCakes118.exe" (PID: 1760)
  - System Location Discovery: System Language Discovery
  C:\Windows\SysWOW64\WerFault.exe -u -p 1760 -s 268 (PID: 1332)
    - Program crash
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 1760 -ip 1760 (PID: 3972)