41747b9dd0c62f1467bffc3a2c2c55b24c4e26b5b33dc7d8f5242cc75ce61151

Analysis

max time kernel
93s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2024, 11:38

Target

45a73a490e34153788fef72d115b0325_JaffaCakes118.exe
Size

100KB
MD5

45a73a490e34153788fef72d115b0325
SHA1

10bf9837cc03e4ec55d3faa2be9490b22cd2081c
SHA256

41747b9dd0c62f1467bffc3a2c2c55b24c4e26b5b33dc7d8f5242cc75ce61151
SHA512

735f2994c482405142948c610b663f3d3195fde823ec27d7a0c5072c01c464e5adfb33733a17a7e08eb8375a40750fccb0e79d9f6d5e01fc344d387840a6c582
SSDEEP

1536:Km28iAuismywsQLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfaNIjnZ0n:iQ/KLOM5pCnCn

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1300	1188	WerFault.exe	82

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1188	45a73a490e34153788fef72d115b0325_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\45a73a490e34153788fef72d115b0325_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\45a73a490e34153788fef72d115b0325_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1188
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1188 -s 472
  2⤵
  - Program crash
  PID:1300

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 1188 -ip 1188
1⤵
PID:4552