7f79c1b0d343affe03be77a7099d47b36aeab2a435b13675da28b25c2b1e9545

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2024, 13:16

Target

16229e9015be6d9da0eedf453dc264a1_JaffaCakes118.exe
Size

20KB
MD5

16229e9015be6d9da0eedf453dc264a1
SHA1

86f51dff1c5c072d88ffe5f996fb6c8f5bdfdacd
SHA256

7f79c1b0d343affe03be77a7099d47b36aeab2a435b13675da28b25c2b1e9545
SHA512

2265cd4376e826c9fadb33fa0e8a57937afa21a0b525269f1f75e4e6ac290530999623fba89c2249c95bff7e9fb1871b86cf532179fe80052366519dd69974df
SSDEEP

384:sn09GNb5ixkYVYl6bXlnAG7EdhGxuZfoaNxKyCL+HmE+Gzp:sf5hH6bXl+U8VNI1+GE+6p

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
5792	4364	WerFault.exe	80
3408	4364	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\16229e9015be6d9da0eedf453dc264a1_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\16229e9015be6d9da0eedf453dc264a1_JaffaCakes118.exe"
1⤵
PID:4364
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4364 -s 252
  2⤵
  - Program crash
  PID:5792
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4364 -s 264
  2⤵
  - Program crash
  PID:3408

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4364 -ip 4364
1⤵
PID:3692

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 368 -p 4364 -ip 4364
1⤵
PID:1124

memory/4364-0-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/4364-1-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download