a7aff18a7d73600327be6a4edb4ba1543bbffb265c0f94ec253a238b1665df52

Analysis

max time kernel
94s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 18:33

Target

4ae4d97bf49da34a1dfd43f3dce8d189_JaffaCakes118.exe
Size

468KB
MD5

4ae4d97bf49da34a1dfd43f3dce8d189
SHA1

1800b798c9c92dbafe59f7a763ff01d99ee8ea10
SHA256

a7aff18a7d73600327be6a4edb4ba1543bbffb265c0f94ec253a238b1665df52
SHA512

a0bf3ecbffd91ee7627c747d2cd378ec62ab2adfbda7d1288707b46c6e7b031b54a8ef18856bd8969061d036279169fd2a19dd57bda33e623b68b4cba347cff4
SSDEEP

12288:bb7jkD3v0VBRxE5MBGlcM7UdTMl7UZWG1j3FLiUhf:bb3w3v8BRqEM7UdcU1j35iI

Score

3^/10

Program crash 3 IoCs

pid	pid_target	Process	procid_target
2372	1176	WerFault.exe	82
2736	1176	WerFault.exe	82
4312	1176	WerFault.exe	82

C:\Users\Admin\AppData\Local\Temp\4ae4d97bf49da34a1dfd43f3dce8d189_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\4ae4d97bf49da34a1dfd43f3dce8d189_JaffaCakes118.exe"
1⤵
PID:1176
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1176 -s 220
  2⤵
  - Program crash
  PID:2372
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1176 -s 228
  2⤵
  - Program crash
  PID:2736
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1176 -s 256
  2⤵
  - Program crash
  PID:4312

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 1176 -ip 1176
1⤵
PID:1140

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 1176 -ip 1176
1⤵
PID:4404

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 1176 -ip 1176
1⤵
PID:1824

memory/1176-0-0x0000000000400000-0x00000000004E4000-memory.dmp

Filesize
912KB

Download
memory/1176-1-0x0000000000400000-0x00000000004E4000-memory.dmp

Filesize
912KB

Download