1561af0e846b4d5bd3795b0a4825daa4ca4dac79ed7dff9789ac5632b13c5464

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
10-06-2024 22:11

Target

9c1bb757aecf5a3e0a9883b0cdbd5f87_JaffaCakes118.exe
Size

220KB
MD5

9c1bb757aecf5a3e0a9883b0cdbd5f87
SHA1

8af5ec9e972ac88f2dde387593b457d254264498
SHA256

1561af0e846b4d5bd3795b0a4825daa4ca4dac79ed7dff9789ac5632b13c5464
SHA512

8cefc06a6b645fa835ce725baae8b53832cd0d5c70398984a02ddf2ed1dff68d912e5611417e6c4fe2f357737ea394250c85f389351ea8752d714107c17ddeb6
SSDEEP

6144:dDaSgEx8DFFkgDe99A0N6o2/ZBTcCsgVDZBY9A:dcpZp0N6b/rcClDZBY9A

Score

4^/10

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\AppShield.job	9c1bb757aecf5a3e0a9883b0cdbd5f87_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\9c1bb757aecf5a3e0a9883b0cdbd5f87_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\9c1bb757aecf5a3e0a9883b0cdbd5f87_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:3988

memory/3988-1-0x0000000000140000-0x0000000000141000-memory.dmp

Filesize
4KB

Download
memory/3988-0-0x0000000000130000-0x0000000000131000-memory.dmp

Filesize
4KB

Download
memory/3988-2-0x0000000000150000-0x0000000000151000-memory.dmp

Filesize
4KB

Download
memory/3988-3-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/3988-4-0x0000000000180000-0x00000000001A0000-memory.dmp

Filesize
128KB

Download
memory/3988-9-0x0000000000180000-0x00000000001A0000-memory.dmp

Filesize
128KB

Download
memory/3988-5-0x0000000000990000-0x00000000009BF000-memory.dmp

Filesize
188KB

Download
memory/3988-17-0x0000000000180000-0x00000000001A0000-memory.dmp

Filesize
128KB

Download