Overview

overview

8

Static

static

3

06df0980ff...18.exe

windows7-x64

8

06df0980ff...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-06-2024 14:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    06df0980fff3b950dcf02359b7162ee5_JaffaCakes118.exe

  • Size

    4.9MB

  • MD5

    06df0980fff3b950dcf02359b7162ee5

  • SHA1

    d2a9de6ae30f40243d941fe747da2f20790b6e62

  • SHA256

    0590894e2ef5e46ca7044fec6df83d362021c7a0798aed4aa38baa6e2fe066ed

  • SHA512

    46f815717388a4bd273dcae7df9577a37b8089b8bc2a17b087ea7418d24af2a07722072ffbe2374f6a0697780fddf9e5fb360302b1452143b87aba761681f4e8

  • SSDEEP

    98304:3Mtb7/SrJkyTl9KMkEfj9gMWRW1xpF27ZOidJf9a52DLsz8RG3slJu+NEOt:QurJR9/JgtWjpF2VtdJ852BceTNvt

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06df0980fff3b950dcf02359b7162ee5_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\06df0980fff3b950dcf02359b7162ee5_JaffaCakes118.exe"
    1⤵
      PID:652
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 652 -s 580
        2⤵
        • Program crash
        PID:528
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 652 -s 580
        2⤵
        • Program crash
        PID:2112
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 652 -ip 652
      1⤵
        PID:4628
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 652 -ip 652
        1⤵
          PID:3372

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/652-5-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-7-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-6-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-4-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-1-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-8-0x0000000000400000-0x000000000215B000-memory.dmp

          Filesize

          29.4MB

          Download

        • memory/652-9-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-3-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-2-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-0-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/652-10-0x0000000000400000-0x000000000215B000-memory.dmp

          Filesize

          29.4MB

          Download

        • memory/652-12-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download