Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-en -
resource tags
arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system -
submitted
06-07-2024 11:07
Behavioral task
behavioral1
Sample
2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe
Resource
win7-20240508-en
10 signatures
150 seconds
Behavioral task
behavioral2
Sample
2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe
Resource
win10v2004-20240704-en
2 signatures
150 seconds
General
-
Target
2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe
-
Size
196KB
-
MD5
2854e9e5e2a0f5b574342369a3bfe379
-
SHA1
e777573f51078e708926dcc0ee5da31ffa0b55bf
-
SHA256
2a3bf4305468e320cc62fcefc23fb056237c8739f31838e27114eca9c912e396
-
SHA512
a5ea8ef669627dddfcf91d4745bfaadc379a10b9f20d32ac955bf5978ad67a72bbcf33697a02b17638c25f98168d018e86f23e51e423692aac8ae70724c44a17
-
SSDEEP
6144:jUnzFF2S9eRo5mIlZMATk72l9xfgb33egP1L:jEFoS8WmIQAA7C9RO1L
Score
7/10
Malware Config
Signatures
-
resource yara_rule behavioral2/memory/3376-0-0x0000000000400000-0x000000000047F000-memory.dmp upx behavioral2/memory/3376-2-0x0000000000400000-0x000000000047F000-memory.dmp upx -
Program crash 1 IoCs
pid pid_target Process procid_target 4840 3376 WerFault.exe 81
Processes
-
C:\Users\Admin\AppData\Local\Temp\2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\2854e9e5e2a0f5b574342369a3bfe379_JaffaCakes118.exe"1⤵PID:3376
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3376 -s 4202⤵
- Program crash
PID:4840
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3376 -ip 33761⤵PID:3460