00cbd7713b9cb9ca86790ad63f65122b21a7b17866283a35d1655c6404f30f03

Analysis

max time kernel
149s
max time network
123s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
20-06-2024 18:44

Target

08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe
Size

94KB
MD5

08c5567024314323df8ea8174748f2a2
SHA1

fd75c3223e7b5605a680c9bcacde289a10e8a087
SHA256

00cbd7713b9cb9ca86790ad63f65122b21a7b17866283a35d1655c6404f30f03
SHA512

44667c6d836c1c981ba4fa3af6b175d4b225c074b82cdd2c7ada0ac758d3a00f61cd03ebd736a0a2bb74cc6a091967218a1d47e81f08e2bfab497d2ae3e12c0e
SSDEEP

1536:WwFiYKstdTLFTX6EgFavH6YecmBDGFMu+StlJyMbruU/83p6y:rivsb3xX6davHP/mDeMKFB/qp/

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2352-0-0x0000000000400000-0x0000000000426000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28
PID 2352 wrote to memory of 1600	2352	08c5567024314323df8ea8174748f2a2_JaffaCakes118.exe	28

memory/1600-5-0x0000000000100000-0x0000000000109000-memory.dmp

Filesize
36KB

Download
memory/1600-6-0x0000000000100000-0x0000000000109000-memory.dmp

Filesize
36KB

Download
memory/1600-8-0x0000000000100000-0x0000000000109000-memory.dmp

Filesize
36KB

Download
memory/1600-11-0x0000000000100000-0x0000000000109000-memory.dmp

Filesize
36KB

Download
memory/2352-0-0x0000000000400000-0x0000000000426000-memory.dmp

Filesize
152KB

Download
memory/2352-1-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2352-3-0x00000000001D0000-0x00000000001E2000-memory.dmp

Filesize
72KB

Download
memory/2352-4-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2352-7-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download