Overview

overview

10

Static

static

3

3c3450eff8...18.exe

windows7-x64

10

3c3450eff8...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-05-2024 18:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c3450eff8c5bdc479070df05827215b_JaffaCakes118.exe

  • Size

    186KB

  • MD5

    3c3450eff8c5bdc479070df05827215b

  • SHA1

    8d46d8ff50138c035196697d4d362df5271a0d6b

  • SHA256

    b46e446b0b7642b3e0dbfb7189e7e90101ecb36192c10058568c6977f37d4d95

  • SHA512

    c85b4618de2526a9819cc1d65111b5e8840cbd3c06f7f8f17289f0faa58e7b001e2194c5e845805ce7b4d7c2905bf628b5cd0f7b98d02c2d39779d47210b0f3d

  • SSDEEP

    3072:aRLoaBFWb5AW+CdMNu30OGjSyJkN9LjkrJkfDss:aRb0+mIu3BGjSy2f/k1kf

Score
10/10
azorultinfostealertrojan

Malware Config

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c3450eff8c5bdc479070df05827215b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3c3450eff8c5bdc479070df05827215b_JaffaCakes118.exe"
    1⤵
      PID:116
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 116 -s 1428
        2⤵
        • Program crash
        PID:3092
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 116 -ip 116
      1⤵
        PID:3420

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/116-1-0x00000000005E0000-0x00000000006E0000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/116-2-0x0000000000400000-0x0000000000420000-memory.dmp

        Filesize

        128KB

        Download

      • memory/116-3-0x0000000000400000-0x0000000000435000-memory.dmp

        Filesize

        212KB

        Download

      • memory/116-5-0x00000000005E0000-0x00000000006E0000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/116-6-0x0000000000400000-0x0000000000420000-memory.dmp

        Filesize

        128KB

        Download

      • memory/116-7-0x0000000000400000-0x0000000000435000-memory.dmp

        Filesize

        212KB

        Download

      • memory/116-9-0x0000000000400000-0x0000000000435000-memory.dmp

        Filesize

        212KB

        Download

      • memory/116-10-0x0000000000400000-0x0000000000420000-memory.dmp

        Filesize

        128KB

        Download