Analysis
-
max time kernel
103s -
max time network
136s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
29/03/2025, 20:19
General
-
Target
JaffaCakes118_97ac1f8eac4cdad0940e9ce8a36ff010.exe
-
Size
184KB
-
MD5
97ac1f8eac4cdad0940e9ce8a36ff010
-
SHA1
028667cb29e9cb79b9630d4cd417209dcb3155be
-
SHA256
213da0ba0be697eb8379fc446d5a2678035c8a4d636980ad433cb71e056bedeb
-
SHA512
d91e05530759694fb1895055e4107a9195da9957547ccd8f9fd061b9bef19c7df32404690398fd7c4ff0817bd4deacd25210b05788647aebd9af005ce72da6f6
-
SSDEEP
3072:E4rMtcfV0bYmNpeTZrjfErMPG7MKM+Y2Yl95d4Ld87dQm8iivh6Q1yr:ZrMt2ONajsTMKM+Y2I5G58xvQ1y
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_97ac1f8eac4cdad0940e9ce8a36ff010.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_97ac1f8eac4cdad0940e9ce8a36ff010.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4636 -s 3162⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 4636 -ip 46361⤵