Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
22-01-2025 02:19
General
-
Target
JaffaCakes118_097bb64fb09371dc1df147a917b2dd3b.exe
-
Size
97KB
-
MD5
097bb64fb09371dc1df147a917b2dd3b
-
SHA1
cc9d26083d234af1205377c78550bdc46574b498
-
SHA256
a130766197dd0a099e79161b697b4fc27e9c61eaef7d53fa3f8a1132a9e92969
-
SHA512
627b2cd8c685de36ac2c5f793725bb0a81dc1b48f803030e06830d4e1a29a207f7972d25b1e5167db3c37d4ddcff0a6335559fc707d1786a935459372eaa9301
-
SSDEEP
1536:Gz5gTPtasdfRdwI2tFmqx9t8Io+6f8/jgOGBfJEKrnenYeOyaLcgkRVW7yhK4tJW:EK8sByoqx9tvo7OfjmneYyKcgk7DF0D
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_097bb64fb09371dc1df147a917b2dd3b.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_097bb64fb09371dc1df147a917b2dd3b.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4072 -s 2482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 4072 -ip 40721⤵