Overview

overview

3

Static

static

3

614d8caa7e...18.exe

windows7-x64

1

614d8caa7e...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/07/2024, 20:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    614d8caa7ea1b5c28295861445d33638_JaffaCakes118.exe

  • Size

    28KB

  • MD5

    614d8caa7ea1b5c28295861445d33638

  • SHA1

    d3bb8e6cd16174c07e581dafaaef97668bbaedc2

  • SHA256

    d7ace5d3c8a466fc60b77e2f8b7f9362e12e82ee41eded3a179363d5eee72dbe

  • SHA512

    954176678d7f5e27bc3f5f0ebf1f63ebb5b50eac97613e05a90200856edb4ec6d591965c03f03cd726dc01b4e12bed584dea9d4266e18f6c3407b0bc49c2530b

  • SSDEEP

    768:OGWRhAszISYZ8chSECXxcpKhS9l+1dVVl:OGghAs0OchSECXXSn+1f

Score
3/10

Malware Config

Signatures

  • Program crash 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\614d8caa7ea1b5c28295861445d33638_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\614d8caa7ea1b5c28295861445d33638_JaffaCakes118.exe"
    1⤵
      PID:840
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 784
        2⤵
        • Program crash
        PID:3968
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 784
        2⤵
        • Program crash
        PID:2492
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 808
        2⤵
        • Program crash
        PID:4384
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 816
        2⤵
        • Program crash
        PID:1920
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 916
        2⤵
        • Program crash
        PID:3580
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 1008
        2⤵
        • Program crash
        PID:1032
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 840 -s 140
        2⤵
        • Program crash
        PID:2732
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 840 -ip 840
      1⤵
        PID:5032
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 840 -ip 840
        1⤵
          PID:976
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 840 -ip 840
          1⤵
            PID:4616
          • C:\Windows\SysWOW64\WerFault.exe
            C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 840 -ip 840
            1⤵
              PID:4476
            • C:\Windows\SysWOW64\WerFault.exe
              C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 840 -ip 840
              1⤵
                PID:1584
              • C:\Windows\SysWOW64\WerFault.exe
                C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 840 -ip 840
                1⤵
                  PID:3988
                • C:\Windows\SysWOW64\WerFault.exe
                  C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 840 -ip 840
                  1⤵
                    PID:1508

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads

                  • memory/840-0-0x0000000000400000-0x0000000000411000-memory.dmp

                    Filesize

                    68KB

                    Download

                  • memory/840-1-0x0000000000400000-0x0000000000411000-memory.dmp

                    Filesize

                    68KB

                    Download

                  • memory/840-2-0x0000000000400000-0x0000000000411000-memory.dmp

                    Filesize

                    68KB

                    Download