302a15c3517c3151e27396d5dfea9920757f4ded39ca375b1c412c16dc6f5677

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/07/2024, 14:25

Target

22ae14e7475ec3c4419687fb77519401_JaffaCakes118.exe
Size

164KB
MD5

22ae14e7475ec3c4419687fb77519401
SHA1

414afa4539ecd044042768d13f0535aeb1ec18d4
SHA256

302a15c3517c3151e27396d5dfea9920757f4ded39ca375b1c412c16dc6f5677
SHA512

1141e44a3adadc1e9a4fc9aa9aef64b527a58c89771b8e159e3e4f8d0ededa710f909c15b29b7357ffb727f65ff9cea01e732c20284b1bffe737570a55aed04f
SSDEEP

3072:nsVO7tbgLbwqYlqjyFcGrSPUNXnIy00YAJhzRzf17dQL261vPikCNgBmzEY:nsVebXg1/sX5Jb9KrRPNKg

Score

8^/10

Drops file in Drivers directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\urmoqvss.sys	22ae14e7475ec3c4419687fb77519401_JaffaCakes118.exe

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2724	1436	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\22ae14e7475ec3c4419687fb77519401_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\22ae14e7475ec3c4419687fb77519401_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
PID:1436
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1436 -s 312
  2⤵
  - Program crash
  PID:2724

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 1436 -ip 1436
1⤵
PID:3292

memory/1436-0-0x0000000000400000-0x0000000000462000-memory.dmp

Filesize
392KB

Download
memory/1436-1-0x0000000000400000-0x0000000000462000-memory.dmp

Filesize
392KB

Download
memory/1436-3-0x0000000000400000-0x0000000000462000-memory.dmp

Filesize
392KB

Download
memory/1436-5-0x0000000000400000-0x0000000000462000-memory.dmp

Filesize
392KB

Download