d809269110992c482f52b31d4c7d967a2f9818395bdcbbeff80c644b44e45731

Analysis

max time kernel
94s
max time network
111s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
13/07/2024, 04:27

Target

40325f7dbbf38b97848fe695b4af53b9_JaffaCakes118.exe
Size

2.1MB
MD5

40325f7dbbf38b97848fe695b4af53b9
SHA1

a53e709d71c2f6fb4aedb0bb73f206b2754e8556
SHA256

d809269110992c482f52b31d4c7d967a2f9818395bdcbbeff80c644b44e45731
SHA512

ced92dc1f3abd3b75347b9ff7a4849b7f405ddf95631b1dc68d19978ac0b9dab6ecaf5a7e5e70e85660dc1a00284366406516e7119aa8f2502008c27787ea903
SSDEEP

49152:piiYziOTy6FunJI+gZLTXK1/J3i7J/x1z0Izb3xCDdRqE:0lziuFunJiJDK1J30r0Izrxi2E

Score

3^/10

Program crash 3 IoCs

pid	pid_target	Process	procid_target
3060	2992	WerFault.exe	82
2136	2992	WerFault.exe	82
2120	2992	WerFault.exe	82

C:\Users\Admin\AppData\Local\Temp\40325f7dbbf38b97848fe695b4af53b9_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\40325f7dbbf38b97848fe695b4af53b9_JaffaCakes118.exe"
1⤵
PID:2992
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2992 -s 220
  2⤵
  - Program crash
  PID:3060
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2992 -s 452
  2⤵
  - Program crash
  PID:2136
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2992 -s 140
  2⤵
  - Program crash
  PID:2120

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2992 -ip 2992
1⤵
PID:3656

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 2992 -ip 2992
1⤵
PID:4448

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 2992 -ip 2992
1⤵
PID:116

memory/2992-0-0x0000000000400000-0x0000000000C03000-memory.dmp

Filesize
8.0MB

Download
memory/2992-2-0x0000000000400000-0x0000000000C03000-memory.dmp

Filesize
8.0MB

Download