a67f34f84d7cc2ab0c2e9652f7fa0cc43985969dd8751fb2ab0abab2a892d412 | Triage

Analysis

max time kernel
133s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
14-05-2024 17:09

Sharing

Report Analysis Logs

General

Target

4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118.exe
Size

251KB
MD5

4247b2cae5c018ee0134feb6695bf7e7
SHA1

5fd1acfc04be9afc9e31e868cab37b7f10a669a3
SHA256

a67f34f84d7cc2ab0c2e9652f7fa0cc43985969dd8751fb2ab0abab2a892d412
SHA512

ee359f1b805c476549b3d869ab3317f8265c96155030e253a62626f21cf0ef5962c777c59e195726132dfe6b1ff40b5afc0aca42d4f9e0f0140b6be7cfa32be2
SSDEEP

6144:7v+MG0F7zG2lIEp6FzlcruO8zrP6HySZ:7LG0F7yWalINUg/

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2172	5108	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118.exe"
1⤵
PID:5108
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5108 -s 480
  2⤵
  - Program crash
  PID:2172

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5108 -ip 5108
1⤵
PID:3116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5108-0-0x00000000005D0000-0x00000000005E9000-memory.dmp

Filesize
100KB

Download
memory/5108-1-0x0000000000610000-0x0000000000611000-memory.dmp

Filesize
4KB

Download