085a17f7fd720489d471ea1282be4e799e5050f559b1ddf3286b23006b8710d4

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
20-06-2024 00:19

Target

0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Size

216KB
MD5

0163cf836bdf5bb9c66885939f05184e
SHA1

b3c2131ad4de62c9ce8c62ac80c5a690bf2ef476
SHA256

085a17f7fd720489d471ea1282be4e799e5050f559b1ddf3286b23006b8710d4
SHA512

bd64440b712b89601c73787cec6ce370a69a9b7e79eecfe4a423efc06a9c414cf234746f72e05c3eec6a5713309a8aef5f13956814f696dda75635dd0dd06cfc
SSDEEP

3072:N5o2dyo1RgRDFWuwOO2Cl0RSeGQcBSVcUZmfz2CrvsxbxRl6qWN4TpNawRaItxRZ:fdiDQTOO2ClzbS7mC2vMxR4ZNWfkI7

Score

4^/10

Drops file in Program Files directory 5 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\GFX.DLL	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe

Modifies data under HKEY_USERS 9 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Microsoft Games\Age of Empires II: The Conquerors Expansion\1.0\EULA	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Microsoft Games	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Microsoft Games\Age of Empires II: The Conquerors Expansion\1.0\EULA	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Microsoft Games\Age of Empires II: The Conquerors Expansion\1.0\EULA\FIRSTRUN = "1"	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT\Software	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Microsoft Games\Age of Empires II: The Conquerors Expansion	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Microsoft Games\Age of Empires II: The Conquerors Expansion\1.0	0163cf836bdf5bb9c66885939f05184e_JaffaCakes118.exe

memory/2728-2-0x0000000000400000-0x0000000000437388-memory.dmp

Filesize
220KB

Download
memory/2728-1-0x000000000040D000-0x0000000000436000-memory.dmp

Filesize
164KB

Download
memory/2728-0-0x000000000040D000-0x0000000000438000-memory.dmp

Filesize
172KB

Download
memory/2728-3-0x0000000000270000-0x0000000000275000-memory.dmp

Filesize
20KB

Download
memory/2728-4-0x0000000000230000-0x0000000000255000-memory.dmp

Filesize
148KB

Download
memory/2728-5-0x0000000000400000-0x0000000000437388-memory.dmp

Filesize
220KB

Download
memory/2728-6-0x0000000000230000-0x0000000000255000-memory.dmp

Filesize
148KB

Download
memory/2728-7-0x000000000040D000-0x0000000000436000-memory.dmp

Filesize
164KB

Download
memory/2728-8-0x0000000000400000-0x0000000000437388-memory.dmp

Filesize
220KB

Download