Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12/07/2024, 11:56

General

  • Target

    3d479da4287c8cad8ebe3c9abd9865fe_JaffaCakes118.exe

  • Size

    20KB

  • MD5

    3d479da4287c8cad8ebe3c9abd9865fe

  • SHA1

    aadd11852f9541a634c8b61cf5756322d71ec9ee

  • SHA256

    1993c2851f14526682fd211f3168e543113aff149968a0ff7b7d554ad87aaaad

  • SHA512

    3988a8bc11a030ab449c86a2274f872576b952358128ce3fcd8875184dc550836192fd2175fe8f0dfe7f7a0868336e0b34ebf005509ea320c6a0cd3c608ce8cf

  • SSDEEP

    192:xe3aHUks38cRvYVNq2RYVM48xF0h3D9S1:c33ks38M45RYVloF+D9S

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d479da4287c8cad8ebe3c9abd9865fe_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3d479da4287c8cad8ebe3c9abd9865fe_JaffaCakes118.exe"
    1⤵
      PID:4732
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4732 -s 220
        2⤵
        • Program crash
        PID:4524
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4732 -s 224
        2⤵
        • Program crash
        PID:4468
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 188 -p 4732 -ip 4732
      1⤵
        PID:1460
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 372 -p 4732 -ip 4732
        1⤵
          PID:4648

Network

MITRE ATT&CK Matrix
