8471d60ef14b3490cee17fd5eeced6334c69aaa4fc0b60ab3ae1dd8f44e5ead6

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
20/04/2024, 18:58

Target

fd6ad3baee363a5186f5eaa673e67d08_JaffaCakes118.exe
Size

24KB
MD5

fd6ad3baee363a5186f5eaa673e67d08
SHA1

c545b803db7b2eaf75e0b149e367c4d5b4de7905
SHA256

8471d60ef14b3490cee17fd5eeced6334c69aaa4fc0b60ab3ae1dd8f44e5ead6
SHA512

b2beb223308d64b65eb583cb6f65f06b4e7ea02159e977e6aa742d091fa9fd48ea4e73583c808201464835c330b7733c63edd62a4d3a53fb68fa48871e961b8e
SSDEEP

384:dguob+YG+ZOwbtx7QXVhoqZaiIUSy0vmGXvwvMJRA/Vw/VbO92W1:dMvND7QXoqSUSfmAvwvMvA/gbC2W1

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/212-1-0x00000000001C0000-0x00000000001D0000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
816	212	WerFault.exe	85

C:\Users\Admin\AppData\Local\Temp\fd6ad3baee363a5186f5eaa673e67d08_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fd6ad3baee363a5186f5eaa673e67d08_JaffaCakes118.exe"
1⤵
PID:212
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 212 -s 344
  2⤵
  - Program crash
  PID:816

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 212 -ip 212
1⤵
PID:4520

memory/212-0-0x0000000000510000-0x0000000000522000-memory.dmp

Filesize
72KB

Download
memory/212-1-0x00000000001C0000-0x00000000001D0000-memory.dmp

Filesize
64KB

Download
memory/212-2-0x0000000000510000-0x0000000000522000-memory.dmp

Filesize
72KB

Download