Analysis

  • max time kernel
    93s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    15-01-2025 23:30

General

  • Target

    JaffaCakes118_64b853885a233519a4b8d9f462267915.exe

  • Size

    173KB

  • MD5

    64b853885a233519a4b8d9f462267915

  • SHA1

    2212c84eba7e4372da9d88fc128047e39adb372b

  • SHA256

    78ecfce32a61d5786f094f4fc82bdc184b247c346473a931fb909ef9424ed34f

  • SHA512

    bca84625cb2cbacf9b7225f8f5232f449ad972d54dcc449e3c5bbe9453f891160e87e1c6624a4269934710583b3c302ab034fd7415227070bde1c409361bcea1

  • SSDEEP

    3072:3ve0oLKME1LpH+8IlUeN2d1zSdiCKnXUBsjaAtQbCcaSwpZzftQhjrEa:sLKMmLf3ewdZwizgsa3aSqfWjrEa

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_64b853885a233519a4b8d9f462267915.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_64b853885a233519a4b8d9f462267915.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2816
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2816 -s 288
      2⤵
      • Program crash
      PID:856
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 2816 -ip 2816
    1⤵
      PID:4984

    Network

    MITRE ATT&CK Enterprise v15
