15d416b1bccdbcb1303fce192b3368192e8d1e985a07590dc2dcd57d20759728

Analysis

max time kernel
142s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 14:31

Target

eb47f29b24ffb8f8979d256d9754acdd_JaffaCakes118.dll
Size

18KB
MD5

eb47f29b24ffb8f8979d256d9754acdd
SHA1

311ce0c9b48f6822ff6cdc4a996f7d95353acbfe
SHA256

15d416b1bccdbcb1303fce192b3368192e8d1e985a07590dc2dcd57d20759728
SHA512

8d3543924c122462d7caa20532bae9d038e6efc907ef3bb723f9e298bccbdb0896bb81e01bd9134b69d89297b5df9cafcde6ceb7e406b30701c315d276c6bd3a
SSDEEP

384:KTZmwBRPuRZqi4PRfSR/jHVeeLfgPqc+urDZRQcNtHu2:WZFv2RYtZfa/zV7kCBuffQ2

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2248 wrote to memory of 4868	2248	rundll32.exe	95
PID 2248 wrote to memory of 4868	2248	rundll32.exe	95
PID 2248 wrote to memory of 4868	2248	rundll32.exe	95

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\eb47f29b24ffb8f8979d256d9754acdd_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2248
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\eb47f29b24ffb8f8979d256d9754acdd_JaffaCakes118.dll,#1
  2⤵
  PID:4868

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1028 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8
1⤵
PID:4476

memory/4868-0-0x0000000077BA0000-0x0000000077BA7000-memory.dmp

Filesize
28KB

Download
memory/4868-1-0x0000000077BA0000-0x0000000077BA7000-memory.dmp

Filesize
28KB

Download
memory/4868-2-0x00000000029B0000-0x00000000029F0000-memory.dmp

Filesize
256KB

Download