8f429e9c263807be751a64398366310bbdef990a0b99a668e17a96c7e1b8f0bb

Analysis

max time kernel
141s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
17/05/2024, 14:52

Target

50141640fa97988ba8f6a42020be5483_JaffaCakes118.exe
Size

361KB
MD5

50141640fa97988ba8f6a42020be5483
SHA1

0954913ac5fb2901376af029beeadada552aacee
SHA256

8f429e9c263807be751a64398366310bbdef990a0b99a668e17a96c7e1b8f0bb
SHA512

d939e7b18e3d92b1bfe33bd62058d594a334bd9cbb9b29c47f19fc768a469121767915199a7e83eeadf6c6eaaee1a92e5af70d733c21d27ecb1d01ceb78b628a
SSDEEP

6144:wiD1ZH43OvoC6RouhBknNnVh2LUf0lO3r7cXoYNPE/ROPR9F7bVMrvz:ww4C6RoIinfh+UMO7Qs/kPR9FbVMrvz

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3272-0-0x0000000000220000-0x00000000003E7000-memory.dmp	upx
behavioral2/memory/3272-3-0x0000000000220000-0x00000000003E7000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\50141640fa97988ba8f6a42020be5483_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\50141640fa97988ba8f6a42020be5483_JaffaCakes118.exe"
1⤵
PID:3272

memory/3272-0-0x0000000000220000-0x00000000003E7000-memory.dmp

Filesize
1.8MB

Download
memory/3272-1-0x0000000036DE0000-0x0000000036DF0000-memory.dmp

Filesize
64KB

Download
memory/3272-2-0x0000000000CC0000-0x0000000000CC1000-memory.dmp

Filesize
4KB

Download
memory/3272-3-0x0000000000220000-0x00000000003E7000-memory.dmp

Filesize
1.8MB

Download
memory/3272-5-0x0000000000CC0000-0x0000000000CC1000-memory.dmp

Filesize
4KB

Download