Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
20-07-2024 08:17
General
-
Target
5fb84fb89214d76f21d9f74ebffe997f_JaffaCakes118.exe
-
Size
647KB
-
MD5
5fb84fb89214d76f21d9f74ebffe997f
-
SHA1
605d7e32370e679437fa25f1073176a84773a1f9
-
SHA256
9fde1d47668711092887d814fddad93fc75c1140973d614a90f85eda2ea15f2e
-
SHA512
fae73ef38d64ccc2320fd2e5eb3ba0fb961599b4930caf78d01297b83def71cbbebc56dc29533e6081cedf97d7b09cb8ee6f478dbefc20802e2f14af7279b03e
-
SSDEEP
12288:6HBozN/AHTPfwpzO5xFpiEB5r5mMy8Xf/8FUXWRGzhOx8bUJZ2:6K6HrwUXJ1oSMQWuhWS
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 9 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5fb84fb89214d76f21d9f74ebffe997f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\5fb84fb89214d76f21d9f74ebffe997f_JaffaCakes118.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5fb84fb89214d76f21d9f74ebffe997f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\5fb84fb89214d76f21d9f74ebffe997f_JaffaCakes118.exe"2⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4304 -s 803⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 4304 -ip 43041⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
624KB