Overview

overview

10

Static

static

1

JaffaCakes...9b.exe

windows7-x64

10

JaffaCakes...9b.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    108s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/03/2025, 06:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_3e79265a61e6021ae8cac87863fce49b.exe

  • Size

    193KB

  • MD5

    3e79265a61e6021ae8cac87863fce49b

  • SHA1

    498f45ff473652265d13f1bf3fa452c7fb79b6a2

  • SHA256

    3a7e68598b7e8d95a7bcc12b3638fb58a2515a78161fca74385ec648745e7559

  • SHA512

    fa0fc4d18c6f78343914138e9edccaea80d2d4272984b61edd30ca110032b7525ef7aa066f398c5945cb317f1159ed51eb0d36c423265a2b2c07fd22ecd1a279

  • SSDEEP

    3072:7WdqU6WK8JXTkeiqPGIEZO+557n3/MR6V3LIkvJl3Xu1kC:SdqU6WKGBiqqg+55wk7vJlyb

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_3e79265a61e6021ae8cac87863fce49b.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_3e79265a61e6021ae8cac87863fce49b.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1584
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1584 -s 312
      2⤵
      • Program crash
      PID:4860
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 1584 -ip 1584
    1⤵
      PID:2264

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads