6c354c828c19925ae05291b8edc3a3115febebbc6faa671cea2e3b924b10376a

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
21/04/2024, 16:24

Target

ffb1959e9e9a06be904f489c5185fec3_JaffaCakes118.exe
Size

172KB
MD5

ffb1959e9e9a06be904f489c5185fec3
SHA1

595b3ef0325b423fa9c94db9085dd202c03eb9c9
SHA256

6c354c828c19925ae05291b8edc3a3115febebbc6faa671cea2e3b924b10376a
SHA512

9a510cb032e3bdd48ebbc3ddaeab217d6001f706fdbb03ad582dbc10abb78f4004f96a644c074e5ceb065397ce23e587afdeaf304c35caf1522f848984b9ca4f
SSDEEP

3072:JxkNwTZXypNnQ+uV2rdMGS7xRHD6l9l8FtuoPHMFOeeGXbxTGFQpAAAAAAAAAAAs:3k+ZunQ+uEpMzRj6l9KFtHPHCOee4Bpz

Score

8^/10

Drops file in Drivers directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\docker19.sys	ffb1959e9e9a06be904f489c5185fec3_JaffaCakes118.exe

Suspicious behavior: LoadsDriver 1 IoCs

pid	Process
480	Process not Found

C:\Users\Admin\AppData\Local\Temp\ffb1959e9e9a06be904f489c5185fec3_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\ffb1959e9e9a06be904f489c5185fec3_JaffaCakes118.exe"
1⤵
- Drops file in Drivers directory
PID:860

memory/860-0-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download
memory/860-1-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download
memory/860-3-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download
memory/860-6-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download