d9aa9e17d219254514a9b77694a2b189e49c1e3cf41fe0d311485e45a5165c75

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2024, 17:26

Target

2d329f9cfebc0bb7ada03df90286e208_JaffaCakes118.exe
Size

58KB
MD5

2d329f9cfebc0bb7ada03df90286e208
SHA1

fa4507fb771a4fa4cdaea9f138bb945fd96974c4
SHA256

d9aa9e17d219254514a9b77694a2b189e49c1e3cf41fe0d311485e45a5165c75
SHA512

39a89b1309f6142e0b11378bc6a72c6a410d6aa90541ba97a0cde8007ca71d32250e218e6bd5f9f3f1b2063c142ecb3c9897444e11ac6d797eef3fb8f8c2b0d4
SSDEEP

1536:d/yx+uTNL7NCJeVVaRNwJAomFk60hWFeKkw:R9uxgWXmFuWMKkw

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3936-0-0x0000000000400000-0x0000000000417000-memory.dmp	upx
behavioral2/memory/3936-2-0x0000000000400000-0x0000000000417000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3296	3936	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\2d329f9cfebc0bb7ada03df90286e208_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2d329f9cfebc0bb7ada03df90286e208_JaffaCakes118.exe"
1⤵
PID:3936
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3936 -s 464
  2⤵
  - Program crash
  PID:3296

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3936 -ip 3936
1⤵
PID:3464

memory/3936-0-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/3936-1-0x0000000000710000-0x0000000000712000-memory.dmp

Filesize
8KB

Download
memory/3936-2-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download