Analysis
-
max time kernel
94s -
max time network
98s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
12/07/2024, 12:21
General
-
Target
3d5b5ff5ed67c5d2b4d675a7b2c26893_JaffaCakes118.exe
-
Size
1.2MB
-
MD5
3d5b5ff5ed67c5d2b4d675a7b2c26893
-
SHA1
d6177bff266afe18bbdb62249d433ade0a4c1291
-
SHA256
d00884031db8682fb4076e60bbb04e59fec0bd4b73ece55b322d693ee9f7d1dd
-
SHA512
8bfd5d2123018723e2549f32701580e4e05a04a8647248ba470dc1fcc5730e6195aff2a8149e6d51b35b7faf8647e38df645c4fb4b0413bb125dddbbc734d195
-
SSDEEP
24576:pdwsNWj4OMnprQrOuEnv/1XTd2dqs3+2Wbea0:pmsNsYlX48s3
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of SendNotifyMessage 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3d5b5ff5ed67c5d2b4d675a7b2c26893_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\3d5b5ff5ed67c5d2b4d675a7b2c26893_JaffaCakes118.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4836 -s 25642⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4836 -ip 48361⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
1.2MB