85c9319a8eda5a0635431be0fea1e122edcf54c94650f77e2f4e2e7d7e016611

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
20/06/2024, 06:42

Target

03badf7dbc588608b8eff3fb1eee0344_JaffaCakes118.exe
Size

130KB
MD5

03badf7dbc588608b8eff3fb1eee0344
SHA1

9cdf158299d380c3164aeb6f07a97523d08a0851
SHA256

85c9319a8eda5a0635431be0fea1e122edcf54c94650f77e2f4e2e7d7e016611
SHA512

1e793ba6e5659b6fd36596e71fc0dd56d45dcd455537a575ba4eac0e1cc06cbb6a65ab95a4ec090ee2ff9d6ed180252bbbfe0fb23047099f8293ab3ec7ba3723
SSDEEP

1536:x+FDoKUniY1u7Nn2JFkC2styJjCKICFjC7EWisS+5mlatSfkZ:x+FDaK71QkbstyJjCKICpC72s/mlaX

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2360	5092	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\03badf7dbc588608b8eff3fb1eee0344_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\03badf7dbc588608b8eff3fb1eee0344_JaffaCakes118.exe"
1⤵
PID:5092
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5092 -s 388
  2⤵
  - Program crash
  PID:2360

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 5092 -ip 5092
1⤵
PID:4776

memory/5092-0-0x0000000000400000-0x0000000000447000-memory.dmp

Filesize
284KB

Download
memory/5092-1-0x0000000000401000-0x0000000000402000-memory.dmp

Filesize
4KB

Download
memory/5092-2-0x0000000000400000-0x0000000000447000-memory.dmp

Filesize
284KB

Download