Analysis
-
max time kernel
53s -
max time network
67s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
01/07/2024, 12:02 UTC
General
-
Target
1b398e1f375f9d98c5e271cdcef9b126_JaffaCakes118.exe
-
Size
111KB
-
MD5
1b398e1f375f9d98c5e271cdcef9b126
-
SHA1
86dde87a3354b4e0ab62cf27ea085c7f714b869a
-
SHA256
42866881cf066786d5d81173ed7e7ef5a01b038bbc23e1469461b8e7ca97b58a
-
SHA512
e2a408a57b6ab3d4974ea036e61bd036fcc077004e362ddc7d0e2b697fe7ef16b80ef56c0441bc5c3deaac580217a2a75352446e2d5ad2bada2c16fcdca5957e
-
SSDEEP
1536:LZyjd3gmkguzy9JvjMhu4+lsAkkiJAtCXgVYFYGGhxlN4STjAFO9zq:Lsjo+9Jwu4ZAkkiJAtCgGFdiHNhsFQz
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1b398e1f375f9d98c5e271cdcef9b126_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\1b398e1f375f9d98c5e271cdcef9b126_JaffaCakes118.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4564 -s 2882⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4564 -ip 45641⤵
Network
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR -
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
No results found
-
8.8.8.8:538.8.8.8.in-addr.arpadns
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa