Analysis
max time kernel: 149s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 10-07-2024 21:11
Static task
static1
1 signatures

Behavioral task
behavioral1
Sample: 3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe
Resource: win7-20240708-en, windows7-x64
3 signatures
150 seconds

Behavioral task
behavioral2
Sample: 3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe
Resource: win10v2004-20240709-en, windows10-2004-x64
2 signatures
150 seconds
General
Target: 3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe
Size: 72KB
MD5: 3665ac5c0e61086aa96f7d9580646be8
SHA1: 2738b86055905f0858da327c5216727904312efe
SHA256: 9618bd955694736fe29a12d9dfcbd7a42760482d602d3ba4160bc67583e53f3c
SHA512: b86a7ac4556d54bbedc9c789088c1c83928bfd1ee62fab99ae2e5e8f84abf08ed9201653a07b8e5e0941965bb12559a8db99de537b25c38bb9c122754912f085
SSDEEP: 768:HY0UuLoZjM5MI/h2gMOXWkpfOfkOX/hsgWcbkKr/hyLoZjM5MW0U:4OQjdI/hoafOsq/CgWcbVr/hyQjdW
Score: 3/10
Malware Config
Signatures

Program crash (1 IoCs)
Processes: WerFault.exe
  pid: 1952
  pid_target: 3380
  process: WerFault.exe
  target process: 3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: 3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe
  pid: 3380
  process: 3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe
Processes

C:\Users\Admin\AppData\Local\Temp\3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\3665ac5c0e61086aa96f7d9580646be8_JaffaCakes118.exe"
  PID:3380
  - Suspicious use of SetWindowsHookEx

  C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 3380 -s 464
    PID:1952
    - Program crash

C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3380 -ip 3380
  PID:4028