Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    20-06-2024 06:41

General

  • Target

    03b9785568f7a6fd0b5a1f4ea78452c1_JaffaCakes118.exe

  • Size

    232KB

  • MD5

    03b9785568f7a6fd0b5a1f4ea78452c1

  • SHA1

    282c2f00bf6f475826e721b40ca79318d60145af

  • SHA256

    25705af0a5b07fd75329f3f060a77849aab5c4a2bb93c4d3d5b4e30cdc7c5493

  • SHA512

    41fd7866e09a36884680eaf2ef5e5d07b7849077a831b4686ba08293d007d0be7f86d4bccd83a7d39cf27dfcbf818b4536ce673ec481d62cbd187bdf6b29f3af

  • SSDEEP

    6144:YkbtRFd4KupxxrYFOJghXs+q8Fpg7gQ8+:YkbtRFzun6KN8Fpgh

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\03b9785568f7a6fd0b5a1f4ea78452c1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\03b9785568f7a6fd0b5a1f4ea78452c1_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 96
      2⤵
      • Program crash
      PID:2892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2232-0-0x0000000000400000-0x00000000004AC000-memory.dmp

    Filesize

    688KB