Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
15/07/2024, 19:02
General
-
Target
4afe8a4aecfa1b7cf627657b5c57c6d9_JaffaCakes118.dll
-
Size
85KB
-
MD5
4afe8a4aecfa1b7cf627657b5c57c6d9
-
SHA1
588924dfd0bafe8247a42af7a658b4b35098773f
-
SHA256
1894fd120b95fef68cae5613272e77dc4f10821c78105d354699b13b96a5fc4e
-
SHA512
abbf2826889eb5345c69297eb1f1c8ccf13ee651230354d2db0a9e1ea4a737c8649dc4a0471c6d219375c164ce4a325cefa96b3468e4b75ec04daf71ec748d87
-
SSDEEP
1536:3oIivf2pM/0AL5PtzBt9922+Xsz4rbaZo5lXoUn/Bn8xg5iWqUrCjffSnGbz1i4V:3oIivQA5PtVfF+XszUbt//B8xd9g6fjL
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\4afe8a4aecfa1b7cf627657b5c57c6d9_JaffaCakes118.dll1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exe/s C:\Users\Admin\AppData\Local\Temp\4afe8a4aecfa1b7cf627657b5c57c6d9_JaffaCakes118.dll2⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2548 -s 5963⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 2548 -ip 25481⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
268KB