0813a5a97f9fc4d694737dea68c25c20ba000a15cbf17f853b536b56541f8a01

Analysis

max time kernel
93s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/05/2024, 06:53

Target

7fd80a3db9c6e19875c81e7efadf56b5_JaffaCakes118.exe
Size

5.9MB
MD5

7fd80a3db9c6e19875c81e7efadf56b5
SHA1

63edd56d471858c542b286f8aaf2131e6b041cb1
SHA256

0813a5a97f9fc4d694737dea68c25c20ba000a15cbf17f853b536b56541f8a01
SHA512

ce96693589275c43c5a691660494f75691f350b581b3083953d554d3ab6838d56766b3c1d8832fa133b5307e6a8a99bf4eacea6e7d744cfaa6fe5826d931ff12
SSDEEP

98304:ffhfx5SIV9L71hTAhwttmvpTxxks6719VxLt6VJILh9vXrBgLh:h7V91hT9GbK19rLt6qD7BSh

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
316	7fd80a3db9c6e19875c81e7efadf56b5_JaffaCakes118.exe
316	7fd80a3db9c6e19875c81e7efadf56b5_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\7fd80a3db9c6e19875c81e7efadf56b5_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\7fd80a3db9c6e19875c81e7efadf56b5_JaffaCakes118.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:316

memory/316-2-0x0000000000721000-0x0000000000A54000-memory.dmp

Filesize
3.2MB

Download
memory/316-3-0x0000000000530000-0x0000000001044000-memory.dmp

Filesize
11.1MB

Download
memory/316-0-0x0000000001570000-0x0000000001571000-memory.dmp

Filesize
4KB

Download
memory/316-5-0x0000000000530000-0x0000000001044000-memory.dmp

Filesize
11.1MB

Download
memory/316-6-0x0000000000721000-0x0000000000A54000-memory.dmp

Filesize
3.2MB

Download