Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    17-01-2025 22:36

General

  • Target

    JaffaCakes118_98fab08e5be7e045d7e26ea268987a09.exe

  • Size

    165KB

  • MD5

    98fab08e5be7e045d7e26ea268987a09

  • SHA1

    59c57316d35d3b29cd36ae80c3829c536bf2c178

  • SHA256

    6f1c028a4d54937d7efbf76a62a363da0913e8012a24a3a5a38807ade05aeb51

  • SHA512

    9989b3d4f1982e73cdd3eb81648116a07a0b6fd3c11e3ecb74559662a4d6a90f879c6422d876f7fe6b347596cc98e841fce7c31dd178e1321c4778fe395939a6

  • SSDEEP

    3072:2WdS4UTsNp/bmTgJMg93Cv2QE60QbxfS8/iBKUhQ/Hsyalafbd8ewMzvN:20Se/aTgJv65NH/i8UKH9

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_98fab08e5be7e045d7e26ea268987a09.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_98fab08e5be7e045d7e26ea268987a09.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1624
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1624 -s 272
      2⤵
      • Program crash
      PID:3632
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1624 -ip 1624
    1⤵
      PID:4440

    Network

    MITRE ATT&CK Enterprise v15
