Analysis

  • max time kernel
    95s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240704-en locale:en-us os:windows10-2004-x64 system
  • submitted
    06-07-2024 07:11

General

  • Target

    27ae64279076e077af2b556c5888011e_JaffaCakes118.exe

  • Size

    69KB

  • MD5

    27ae64279076e077af2b556c5888011e

  • SHA1

    b1a4018dcf4d784d9c95e4049140b156138f5c95

  • SHA256

    371d358091e4a358d888f487bac86eda9f5fb976f81ad08be71b36d69b64d842

  • SHA512

    37de2e5765501a88aec4ce2a92f29af844180b6d1897b787023184759c1b6200c500aeb4a1e7ecdd95d5435ab6ba27937454bb071d6edde54e1c2799a5cd1f4e

  • SSDEEP

    1536:PLq1QChOUpbP30CGEWBT/XWDMbXXiWa0fH8R:K7hOU5cCwh/XgMbyWa0e

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27ae64279076e077af2b556c5888011e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\27ae64279076e077af2b556c5888011e_JaffaCakes118.exe"
    1⤵
      PID:1856
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1856 -s 380
        2⤵
        • Program crash
        PID:4984
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1856 -ip 1856
      1⤵
        PID:720

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1856-0-0x0000000000400000-0x0000000000499032-memory.dmp

    Filesize

    612KB