1837429591599b12569cd746bc34feba531e05d269a2dc43e04255bfcde9505b

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 14:08

Target

4a00fb9b38b56a0562ed69be15b734c1_JaffaCakes118.exe
Size

663KB
MD5

4a00fb9b38b56a0562ed69be15b734c1
SHA1

0cf78e7b593a30a166f7a34e5a5d9739aa9222a3
SHA256

1837429591599b12569cd746bc34feba531e05d269a2dc43e04255bfcde9505b
SHA512

74c0c7d9e58e056e756f7ffbc07ca33065422b29f15c301e88fe1eefd4565b2080a280d61e04e2307f31867f9379f6e521273c0351f1dacf703dcb1557838e14
SSDEEP

12288:ZGFvw7NSgLq4uSqnFeY6WyUAyYxFgUeH4wO6InaU2Z7W4ccWRSi:ZWivLnxY6WygYPgUslU2pEcW

Score

7^/10

aspackv2

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
behavioral2/memory/3928-0-0x0000000000400000-0x0000000000581000-memory.dmp	aspack_v212_v242

Program crash 2 IoCs

pid	pid_target	Process	procid_target
4524	3928	WerFault.exe	82
768	3928	WerFault.exe	82

C:\Users\Admin\AppData\Local\Temp\4a00fb9b38b56a0562ed69be15b734c1_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\4a00fb9b38b56a0562ed69be15b734c1_JaffaCakes118.exe"
1⤵
PID:3928
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3928 -s 384
  2⤵
  - Program crash
  PID:4524
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3928 -s 476
  2⤵
  - Program crash
  PID:768

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3928 -ip 3928
1⤵
PID:1936

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3928 -ip 3928
1⤵
PID:4832

memory/3928-0-0x0000000000400000-0x0000000000581000-memory.dmp

Filesize
1.5MB

Download
memory/3928-2-0x00000000006B0000-0x00000000006F7000-memory.dmp

Filesize
284KB

Download
memory/3928-3-0x0000000000400000-0x0000000000581000-memory.dmp

Filesize
1.5MB

Download
memory/3928-4-0x0000000000400000-0x0000000000581000-memory.dmp

Filesize
1.5MB

Download
memory/3928-5-0x00000000006B0000-0x00000000006F7000-memory.dmp

Filesize
284KB

Download