Analysis
-
max time kernel
105s -
max time network
136s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
28/03/2025, 19:22
General
-
Target
JaffaCakes118_8af1cb2cc60741dbac95ed339a403bcc.exe
-
Size
644KB
-
MD5
8af1cb2cc60741dbac95ed339a403bcc
-
SHA1
82ea9ea3eeb7428d3ae47dd2e505070364589f75
-
SHA256
840fb5ee19fc8d0ce9ac390ee71a3ee53cfcff5b3978d56c06c2ac981ec414e3
-
SHA512
8d27134dceb3d9378422caf695cf0ca814cd65bb334d51a96a271a2b79285639e3be6866896337b6e139b9353016cf0f6955289ae28679a5573516bb618f12fc
-
SSDEEP
6144:T82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbY6ilV:Hp4pNfz3ymJnJ8QCFkxCaQTOllyu
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_8af1cb2cc60741dbac95ed339a403bcc.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_8af1cb2cc60741dbac95ed339a403bcc.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3192 -s 4482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3192 -ip 31921⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
508KB
-
Filesize
508KB