a056170c3d94424992d061ee455b48823fcf49c6d9d0b4bc16a4142866283811

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
05/05/2024, 08:32

Target

16d6da1ce68edcf064335a92bd14a8b2_JaffaCakes118.exe
Size

1.1MB
MD5

16d6da1ce68edcf064335a92bd14a8b2
SHA1

3c4434c808a3097b024d12e4d8ecbe3a3b16ff90
SHA256

a056170c3d94424992d061ee455b48823fcf49c6d9d0b4bc16a4142866283811
SHA512

91708bde6afe4463e29c88ed09ee4db44afe29cb7f0b67837dfc67f9b79f24c2236e5606199b4680afe8568b662658cc495553ebe2fe08bbcd2dbabb50ff4bbe
SSDEEP

24576:44923NEP/mZTfIc3QQp6LDVtFhxzSP57G73GEyYwH/d1oDm:4K29ZUc37pSRShY3xy9Hz

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2132	16d6da1ce68edcf064335a92bd14a8b2_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2132	16d6da1ce68edcf064335a92bd14a8b2_JaffaCakes118.exe

memory/2132-0-0x0000000074CDE000-0x0000000074CDF000-memory.dmp

Filesize
4KB

Download
memory/2132-1-0x0000000001310000-0x000000000142E000-memory.dmp

Filesize
1.1MB

Download
memory/2132-2-0x0000000006F00000-0x000000000700C000-memory.dmp

Filesize
1.0MB

Download
memory/2132-3-0x0000000074CD0000-0x00000000753BE000-memory.dmp

Filesize
6.9MB

Download
memory/2132-4-0x0000000000280000-0x0000000000290000-memory.dmp

Filesize
64KB

Download
memory/2132-5-0x0000000074CD0000-0x00000000753BE000-memory.dmp

Filesize
6.9MB

Download
memory/2132-6-0x0000000074CD0000-0x00000000753BE000-memory.dmp

Filesize
6.9MB

Download