a1818771ed70f8cb37e5c06e071aef46b1a1ca87ce00b4d9847d03d162f4b62f

Analysis

max time kernel
131s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
26-06-2024 01:14

Target

103831d750618b5f3f058b04707e69a8_JaffaCakes118.exe
Size

172KB
MD5

103831d750618b5f3f058b04707e69a8
SHA1

f9f525b9c3f1b0195aa0b3d9abf8ddd85dcd81f6
SHA256

a1818771ed70f8cb37e5c06e071aef46b1a1ca87ce00b4d9847d03d162f4b62f
SHA512

d47ad92a80884b7293ad9c3a355645d572e42ea6cb5846be86404102dc96e54afb726ff2f30c2b6415ef0d4123cdfa941ab6abca2eb2817fcf1ceb6d45cb2d6d
SSDEEP

3072:l6NHlLuFOMk8AukJlTyJPXje3nJtHFjhRdkfyetqh/7H25F+0SiYxbBQSoJFC7FI:l6NHu7AuG+jknVjhRdkfyDhz25F2iYxp

Score

8^/10

Drops file in Drivers directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\QQOSPUST.sys	103831d750618b5f3f058b04707e69a8_JaffaCakes118.exe

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3008	4812	WerFault.exe	82

C:\Users\Admin\AppData\Local\Temp\103831d750618b5f3f058b04707e69a8_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\103831d750618b5f3f058b04707e69a8_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
PID:4812
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4812 -s 312
  2⤵
  - Program crash
  PID:3008

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4812 -ip 4812
1⤵
PID:5004

memory/4812-0-0x0000000000400000-0x0000000000468000-memory.dmp

Filesize
416KB

Download
memory/4812-1-0x0000000000400000-0x0000000000468000-memory.dmp

Filesize
416KB

Download
memory/4812-3-0x0000000000400000-0x0000000000468000-memory.dmp

Filesize
416KB

Download
memory/4812-5-0x0000000000400000-0x0000000000468000-memory.dmp

Filesize
416KB

Download