8c1ced561cabed1d905410a9679918ca2088d76c38dcaeb332ab7fde69c625cc

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
19-06-2024 22:14

Target

00d26035b2a88f27106ef6b9b8e06e71_JaffaCakes118.dll
Size

80KB
MD5

00d26035b2a88f27106ef6b9b8e06e71
SHA1

29837deedf4134ec1e66dfaeb1d6bec59ca94d06
SHA256

8c1ced561cabed1d905410a9679918ca2088d76c38dcaeb332ab7fde69c625cc
SHA512

9417927b74a4c602fed16626280b6ab156a8f7d6b08603f0bde38c079509dc1a779e53ee1a07fbd77fee9773c2185c044d27aae98877be525b2b3ed28624e929
SSDEEP

1536:iF0rmQiDkUVWCcZ0HdIosj3Dhq0qe5O8TAwadIoD6p:c0iQiDkqyZ0ufDE0qeciJad5DG

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28
PID 2780 wrote to memory of 1728	2780	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\00d26035b2a88f27106ef6b9b8e06e71_JaffaCakes118.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2780
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\00d26035b2a88f27106ef6b9b8e06e71_JaffaCakes118.dll,#1
  2⤵
  PID:1728

memory/1728-1-0x0000000010000000-0x000000001000C000-memory.dmp

Filesize
48KB

Download
memory/1728-5-0x0000000010000000-0x000000001000C000-memory.dmp

Filesize
48KB

Download
memory/1728-6-0x0000000010000000-0x000000001000C000-memory.dmp

Filesize
48KB

Download
memory/1728-0-0x00000000000B0000-0x00000000000BD000-memory.dmp

Filesize
52KB

Download
memory/1728-7-0x00000000000B0000-0x00000000000BD000-memory.dmp

Filesize
52KB

Download
memory/1728-8-0x00000000000B0000-0x00000000000B6000-memory.dmp

Filesize
24KB

Download