76b03e08226ab23c3be02b8754187398f6b5f4cf4e099dbc227a57eb34666f5a

Analysis

max time kernel
119s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
31-05-2024 03:15

Target

74c2f8412fc4899c7e1fddbbe0c608f0JaffaCakes118.dll
Size

160KB
MD5

74c2f8412fc4899c7e1fddbbe0c608f0
SHA1

c9430de70615f3475fa75db01b19fc3be621922b
SHA256

76b03e08226ab23c3be02b8754187398f6b5f4cf4e099dbc227a57eb34666f5a
SHA512

b6ed34178d95f5184097a3d5b4cb5b566305a12bf8e57cb4fc7dbd93678ce2d0cd5c3ff61339529aa0fc7428f623316954f7d023300c1b7a5e21281f33e6fd45
SSDEEP

1536:Gls0QszjGz02ZPO9nEpXiMpi28p7Pbi4eTMluxtXDCntTnICS4Ay4bbaeR+fw7PQ:8RwOWpXiIgLbi4eTMlwDCnuo4JouPgC

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28
PID 1152 wrote to memory of 2280	1152	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74c2f8412fc4899c7e1fddbbe0c608f0JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1152
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\74c2f8412fc4899c7e1fddbbe0c608f0JaffaCakes118.dll,#1
  2⤵
  PID:2280

memory/2280-1-0x00000000000B0000-0x00000000000BA000-memory.dmp

Filesize
40KB

Download
memory/2280-3-0x0000000002CB0000-0x0000000002D4F000-memory.dmp

Filesize
636KB

Download
memory/2280-10-0x00000000033A0000-0x00000000034A9000-memory.dmp

Filesize
1.0MB

Download
memory/2280-14-0x00000000001E0000-0x00000000001E6000-memory.dmp

Filesize
24KB

Download
memory/2280-11-0x00000000001E0000-0x00000000001E6000-memory.dmp

Filesize
24KB

Download
memory/2280-9-0x00000000001E0000-0x00000000001E6000-memory.dmp

Filesize
24KB

Download
memory/2280-8-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2280-7-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2280-6-0x00000000000C0000-0x00000000000C1000-memory.dmp

Filesize
4KB

Download
memory/2280-4-0x0000000002D50000-0x0000000002E7D000-memory.dmp

Filesize
1.2MB

Download
memory/2280-5-0x0000000000270000-0x000000000028F000-memory.dmp

Filesize
124KB

Download
memory/2280-2-0x0000000002BE0000-0x0000000002CA9000-memory.dmp

Filesize
804KB

Download