e5152e0c6d430377988c326fd4c4da6615bc4d3d6afbac35146513dbec6d142f

Analysis

max time kernel
134s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
20-04-2024 04:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe
Size

1.6MB
MD5

fbf0753988f6e278a9766c29de45cecd
SHA1

5b88156909882c530235df9ab080d5144543f430
SHA256

e5152e0c6d430377988c326fd4c4da6615bc4d3d6afbac35146513dbec6d142f
SHA512

bfe6d67f86073821db278ca2c20fabebef7007dd49d5ea8f005bf60e24c0d436079dd5365363623e9d4249d65ea3e73d6a4c283358d045bb25f0f53265851094
SSDEEP

49152:SqJP/j515LJzZYy8MoPDMBqPtTe/LEXB8+mJu:Z3j5fhZ52IEPtCTEeY

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1724 1704 WerFault.exe fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe

pid	pid_target	process	target process
1724	1704	WerFault.exe	fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe

Modifies registry class 3 IoCs

Processes:

fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.key	fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.key\	fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.key\ = "regfile"	fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fbf0753988f6e278a9766c29de45cecd_JaffaCakes118.exe"
1⤵
- Modifies registry class
PID:1704

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1704 -s 744
2⤵
- Program crash
PID:1724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 1704 -ip 1704
1⤵
PID:3668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1704-0-0x0000000000400000-0x00000000008CF000-memory.dmp

Filesize
4.8MB

Download
memory/1704-2-0x0000000002840000-0x0000000002841000-memory.dmp

Filesize
4KB

Download
memory/1704-1-0x0000000002830000-0x0000000002831000-memory.dmp

Filesize
4KB

Download
memory/1704-17-0x00000000028F0000-0x00000000028F1000-memory.dmp

Filesize
4KB

Download
memory/1704-16-0x00000000028D0000-0x00000000028D1000-memory.dmp

Filesize
4KB

Download
memory/1704-18-0x0000000002910000-0x0000000002911000-memory.dmp

Filesize
4KB

Download
memory/1704-15-0x00000000028B0000-0x00000000028B1000-memory.dmp

Filesize
4KB

Download
memory/1704-14-0x00000000027D0000-0x00000000027D1000-memory.dmp

Filesize
4KB

Download
memory/1704-19-0x0000000002930000-0x0000000002931000-memory.dmp

Filesize
4KB

Download
memory/1704-20-0x0000000002950000-0x0000000002951000-memory.dmp

Filesize
4KB

Download
memory/1704-13-0x00000000026A0000-0x00000000026A1000-memory.dmp

Filesize
4KB

Download
memory/1704-12-0x0000000002670000-0x0000000002671000-memory.dmp

Filesize
4KB

Download
memory/1704-11-0x0000000002680000-0x0000000002681000-memory.dmp

Filesize
4KB

Download
memory/1704-10-0x0000000000BC0000-0x0000000000BC1000-memory.dmp

Filesize
4KB

Download
memory/1704-9-0x0000000000A40000-0x0000000000A41000-memory.dmp

Filesize
4KB

Download
memory/1704-8-0x0000000000BB0000-0x0000000000BB1000-memory.dmp

Filesize
4KB

Download
memory/1704-7-0x0000000002890000-0x0000000002891000-memory.dmp

Filesize
4KB

Download
memory/1704-6-0x0000000002880000-0x0000000002881000-memory.dmp

Filesize
4KB

Download
memory/1704-5-0x0000000002830000-0x0000000002833000-memory.dmp

Filesize
12KB

Download
memory/1704-4-0x0000000002840000-0x0000000002841000-memory.dmp

Filesize
4KB

Download
memory/1704-3-0x0000000002840000-0x0000000002841000-memory.dmp

Filesize
4KB

Download
memory/1704-21-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/1704-22-0x0000000002970000-0x0000000002971000-memory.dmp

Filesize
4KB

Download
memory/1704-23-0x0000000002AF0000-0x0000000002AF1000-memory.dmp

Filesize
4KB

Download
memory/1704-24-0x0000000002AE0000-0x0000000002AE1000-memory.dmp

Filesize
4KB

Download
memory/1704-25-0x0000000002B20000-0x0000000002B21000-memory.dmp

Filesize
4KB

Download
memory/1704-26-0x0000000002B10000-0x0000000002B11000-memory.dmp

Filesize
4KB

Download
memory/1704-27-0x0000000002B40000-0x0000000002B41000-memory.dmp

Filesize
4KB

Download
memory/1704-28-0x0000000002B30000-0x0000000002B31000-memory.dmp

Filesize
4KB

Download
memory/1704-29-0x0000000002C80000-0x0000000002C81000-memory.dmp

Filesize
4KB

Download
memory/1704-30-0x0000000002CC0000-0x0000000002CC1000-memory.dmp

Filesize
4KB

Download
memory/1704-31-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

Filesize
4KB

Download
memory/1704-32-0x0000000002CE0000-0x0000000002CE1000-memory.dmp

Filesize
4KB

Download
memory/1704-33-0x0000000003050000-0x0000000003051000-memory.dmp

Filesize
4KB

Download
memory/1704-34-0x0000000003040000-0x0000000003041000-memory.dmp

Filesize
4KB

Download
memory/1704-35-0x0000000003070000-0x0000000003071000-memory.dmp

Filesize
4KB

Download
memory/1704-36-0x0000000003060000-0x0000000003061000-memory.dmp

Filesize
4KB

Download
memory/1704-38-0x00000000030A0000-0x00000000030A1000-memory.dmp

Filesize
4KB

Download
memory/1704-37-0x0000000003080000-0x0000000003081000-memory.dmp

Filesize
4KB

Download
memory/1704-39-0x00000000030D0000-0x00000000030D1000-memory.dmp

Filesize
4KB

Download
memory/1704-40-0x0000000003110000-0x0000000003111000-memory.dmp

Filesize
4KB

Download
memory/1704-42-0x0000000003130000-0x0000000003131000-memory.dmp

Filesize
4KB

Download
memory/1704-41-0x0000000003140000-0x0000000003141000-memory.dmp

Filesize
4KB

Download
memory/1704-43-0x0000000003160000-0x0000000003161000-memory.dmp

Filesize
4KB

Download
memory/1704-44-0x0000000003150000-0x0000000003151000-memory.dmp

Filesize
4KB

Download
memory/1704-45-0x0000000003180000-0x0000000003181000-memory.dmp

Filesize
4KB

Download
memory/1704-46-0x0000000003170000-0x0000000003171000-memory.dmp

Filesize
4KB

Download
memory/1704-47-0x00000000031A0000-0x00000000031A1000-memory.dmp

Filesize
4KB

Download
memory/1704-48-0x0000000003190000-0x0000000003191000-memory.dmp

Filesize
4KB

Download
memory/1704-49-0x0000000002820000-0x0000000002821000-memory.dmp

Filesize
4KB

Download
memory/1704-51-0x0000000002850000-0x0000000002851000-memory.dmp

Filesize
4KB

Download
memory/1704-50-0x0000000000BA0000-0x0000000000BA1000-memory.dmp

Filesize
4KB

Download
memory/1704-52-0x00000000027C0000-0x00000000027C1000-memory.dmp

Filesize
4KB

Download
memory/1704-53-0x00000000028A0000-0x00000000028A1000-memory.dmp

Filesize
4KB

Download
memory/1704-54-0x00000000028C0000-0x00000000028C1000-memory.dmp

Filesize
4KB

Download
memory/1704-55-0x00000000028E0000-0x00000000028E1000-memory.dmp

Filesize
4KB

Download
memory/1704-56-0x0000000002900000-0x0000000002901000-memory.dmp

Filesize
4KB

Download
memory/1704-57-0x0000000002920000-0x0000000002921000-memory.dmp

Filesize
4KB

Download
memory/1704-58-0x0000000002940000-0x0000000002941000-memory.dmp

Filesize
4KB

Download
memory/1704-59-0x0000000002960000-0x0000000002961000-memory.dmp

Filesize
4KB

Download
memory/1704-60-0x0000000002C90000-0x0000000002C91000-memory.dmp

Filesize
4KB

Download
memory/1704-61-0x0000000002CA0000-0x0000000002CA1000-memory.dmp

Filesize
4KB

Download
memory/1704-62-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

Filesize
4KB

Download
memory/1704-63-0x0000000003090000-0x0000000003091000-memory.dmp

Filesize
4KB

Download
memory/1704-70-0x0000000000400000-0x00000000008CF000-memory.dmp

Filesize
4.8MB

Download