Analysis

  • max time kernel
    102s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250314-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/03/2025, 20:18

General

  • Target

    JaffaCakes118_979b6f89bd5e28f9d747361f914c5b51.exe

  • Size

    176KB

  • MD5

    979b6f89bd5e28f9d747361f914c5b51

  • SHA1

    b3e1e65aadeac329fd81282647e7888c76b9f5f1

  • SHA256

    79e42dbb5febaba9532b531145e70a910f0019b505f5909ae49d24333434f559

  • SHA512

    4e7c997dcd212773026fe5b7e64396534613b8b4f12284ed98bb7bf4f0c70dc48360f0e513263888e0500156dd984ccc93c7a17da4e799f9ea4b1c716da166b6

  • SSDEEP

    3072:ffPf5ZS37V242C9A3B8jv0lkpkPT/C0jqIZoyhXt/LJ8ZpepH5Pqn:ffvS37Y4H9A3B84mkTC02IZ7hXBLupQZ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_979b6f89bd5e28f9d747361f914c5b51.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_979b6f89bd5e28f9d747361f914c5b51.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:5440
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 5440 -s 392
      2⤵
      • Program crash
      PID:1580
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 5440 -ip 5440
    1⤵
      PID:5128

Network

MITRE ATT&CK Enterprise v15
