01ad63cd46eac880f98214b1436e8886c79fc19dc236077d8bba832f2754055f

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2024, 19:07

Target

3a63ee6f8205f1841fb5dbcd33a34ae8_JaffaCakes118.exe
Size

172KB
MD5

3a63ee6f8205f1841fb5dbcd33a34ae8
SHA1

445586e5b4be8077e77c37744f0a09277cdcaddf
SHA256

01ad63cd46eac880f98214b1436e8886c79fc19dc236077d8bba832f2754055f
SHA512

518d27e9ba3967dc4e537d47b272b69c270aab2ef2d2389538dfc94aa9bd25c4bfc0950a10c82769e5bc6159f16d9a3ca9050f90d0f915847d422272f6db64ba
SSDEEP

1536:UIb0cElKGGEy0FBZEy0FBdncocT29KBRCZRtPMUUXIIGgNRneMT:UIMNw0Fp0FvcVy0R2RRngNRl

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3948-0-0x0000000000400000-0x0000000000440000-memory.dmp	upx
behavioral2/memory/3948-1-0x0000000000400000-0x0000000000440000-memory.dmp	upx

Program crash 2 IoCs

pid	pid_target	Process	procid_target
5004	3948	WerFault.exe	81
432	3948	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\3a63ee6f8205f1841fb5dbcd33a34ae8_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\3a63ee6f8205f1841fb5dbcd33a34ae8_JaffaCakes118.exe"
1⤵
PID:3948
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3948 -s 448
  2⤵
  - Program crash
  PID:5004
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3948 -s 480
  2⤵
  - Program crash
  PID:432

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3948 -ip 3948
1⤵
PID:4764

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 3948 -ip 3948
1⤵
PID:2528

memory/3948-0-0x0000000000400000-0x0000000000440000-memory.dmp

Filesize
256KB

Download
memory/3948-1-0x0000000000400000-0x0000000000440000-memory.dmp

Filesize
256KB

Download