faf27b755cf9d2adb75453a21ddd7ddc874118360bfe537fc686f89a25951b24

Analysis

max time kernel
135s
max time network
104s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
04/05/2024, 16:20

Target

138630e52f502f795fd28910d98c8875_JaffaCakes118.exe
Size

2.2MB
MD5

138630e52f502f795fd28910d98c8875
SHA1

44dad7c11f26e9b45e4ef0d5d5c72631cc3b9168
SHA256

faf27b755cf9d2adb75453a21ddd7ddc874118360bfe537fc686f89a25951b24
SHA512

ac19d071ae20b0ecea1fb6336d688bc6ac7c233f567c6fff92809e889c84c3fd27fd18aa33f7420e3185d7f0da974092bb38cd1063602e6de32facc1691578d3
SSDEEP

49152:F/naEHOTVf9YWXYCo4eVSco4ynf5Z7CeuH2f0gFUM/AW0:paEHOTVVVl/excTuHSfz0

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
5084	1484	WerFault.exe	84
1800	1484	WerFault.exe	84

C:\Users\Admin\AppData\Local\Temp\138630e52f502f795fd28910d98c8875_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\138630e52f502f795fd28910d98c8875_JaffaCakes118.exe"
1⤵
PID:1484
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1484 -s 424
  2⤵
  - Program crash
  PID:5084
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1484 -s 432
  2⤵
  - Program crash
  PID:1800

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1484 -ip 1484
1⤵
PID:1336

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 1484 -ip 1484
1⤵
PID:2288

memory/1484-1-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1484-2-0x0000000000401000-0x0000000000412000-memory.dmp

Filesize
68KB

Download
memory/1484-3-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1484-4-0x00000000027A0000-0x000000000295D000-memory.dmp

Filesize
1.7MB

Download
memory/1484-10-0x00000000027A0000-0x000000000295D000-memory.dmp

Filesize
1.7MB

Download