e66de5b8273d81420f670eb1829439801a6140a1d9cc2bd6fc4a1dc3417603c5

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
20-04-2024 09:50

Target

fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe
Size

437KB
MD5

fc7bbfb1f6e8bd4ed4073fead3e9994b
SHA1

68d8f9fdb58d1215c562790445f3b781e03f267b
SHA256

e66de5b8273d81420f670eb1829439801a6140a1d9cc2bd6fc4a1dc3417603c5
SHA512

cf93e2d5c5593af1ca890458a1e6303066b16b2862f4fdda19a5b1fff61fd9b6fb156985c43cd9f104741229991dd7d423e2c9d448ca31c24c375b3d40dc9baa
SSDEEP

12288:6XteQ/YgcEWwsi+QXqJQlyssEtCIG9J0IOMr5iE:6XZ/YusUa2lmKCfM2YE

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2140 set thread context of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2140 wrote to memory of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28
PID 2140 wrote to memory of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28
PID 2140 wrote to memory of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28
PID 2140 wrote to memory of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28
PID 2140 wrote to memory of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28
PID 2140 wrote to memory of 2912	2140	fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe	28

C:\Users\Admin\AppData\Local\Temp\fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2140
- C:\Users\Admin\AppData\Local\Temp\fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe
  C:\Users\Admin\AppData\Local\Temp\fc7bbfb1f6e8bd4ed4073fead3e9994b_JaffaCakes118.exe
  2⤵
  PID:2912

memory/2140-4-0x0000000010000000-0x0000000010010000-memory.dmp

Filesize
64KB

Download
memory/2912-0-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2912-1-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2912-3-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2912-5-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2912-6-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2912-7-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2912-8-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2912-9-0x0000000000400000-0x000000000046A000-memory.dmp

Filesize
424KB

Download
memory/2912-10-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download