Analysis
-
max time kernel
94s -
max time network
138s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
24-11-2024 00:29
General
-
Target
918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118.exe
-
Size
197KB
-
MD5
918b29a560e7609cd39d2142f72bf4ed
-
SHA1
6e3dda463392fb0ab497ebd0945bc550b456c282
-
SHA256
b46fdb1531449902376d8bc1b38089d05a440aa7ea09ea2e45d5a17c2aff5e8f
-
SHA512
2dc2974183bc36cfc9311ea5dc195d3e5fa46d7f66660044f8f7b7b6228c9f36284120b16c4dfce3ecd156cebe7cdc97f83e5098615b5c89fdabbff1185d8534
-
SSDEEP
3072:pewiMia34BPppLj5nB4BoKWvSpk4SyEo0ltWofVpapaXZwYK9eo3EQm/2:Ya38jBB43HSyVE4ozapGyYKso0Q
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4512 -s 4082⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 368 -p 4512 -ip 45121⤵