Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240704-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06-07-2024 11:07

General

  • Target

    2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe

  • Size

    196KB

  • MD5

    2854e9e5e2a0f5b574342369a3bfe379

  • SHA1

    e777573f51078e708926dcc0ee5da31ffa0b55bf

  • SHA256

    2a3bf4305468e320cc62fcefc23fb056237c8739f31838e27114eca9c912e396

  • SHA512

    a5ea8ef669627dddfcf91d4745bfaadc379a10b9f20d32ac955bf5978ad67a72bbcf33697a02b17638c25f98168d018e86f23e51e423692aac8ae70724c44a17

  • SSDEEP

    6144:jUnzFF2S9eRo5mIlZMATk72l9xfgb33egP1L:jEFoS8WmIQAA7C9RO1L

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe"
    1⤵
      PID:3376
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3376 -s 420
        2⤵
        • Program crash
        PID:4840
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3376 -ip 3376
      1⤵
        PID:3460

      Network

      MITRE ATT&CK Matrix

      Downloads

      • memory/3376-0-0x0000000000400000-0x000000000047F000-memory.dmp

        Filesize

        508KB

      • memory/3376-1-0x0000000000720000-0x0000000000722000-memory.dmp

        Filesize

        8KB

      • memory/3376-2-0x0000000000400000-0x000000000047F000-memory.dmp

        Filesize

        508KB