Analysis

  • max time kernel
    94s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    23-12-2024 23:05

General

  • Target

    JaffaCakes118_053270af2af8a2c6e24f3c3899c3c8f08782c6b5f36cbc6e34d9d3acc6e48fae.exe

  • Size

    80KB

  • MD5

    bc7ca36d8d092d54a459c04f4df2bf1d

  • SHA1

    4844d784195e89004393a0cdd378212f5f22aa7d

  • SHA256

    053270af2af8a2c6e24f3c3899c3c8f08782c6b5f36cbc6e34d9d3acc6e48fae

  • SHA512

    2414ca2da22e8d1fe2491aa71cf34b4c9832f8405f9a58b101c75b23d633ed8ffbb34c9330369221b15ab1dc8120635dc59ce3dffda790da443562c53933b21e

  • SSDEEP

    768:G3hBdh98zo8hUzAMgRt5O9hDtqCD+4yNdQiEw6ZjqZeS6RXUhS:AdMzAzjavO9uG+NNdQ4MGQRE

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_053270af2af8a2c6e24f3c3899c3c8f08782c6b5f36cbc6e34d9d3acc6e48fae.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_053270af2af8a2c6e24f3c3899c3c8f08782c6b5f36cbc6e34d9d3acc6e48fae.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4616
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4616 -s 216
      2⤵
      • Program crash
      PID:4172
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 4616 -ip 4616
    1⤵
      PID:2712

Network

MITRE ATT&CK Enterprise v15
