d82f4b3f37735a275f3f349283377a10d1684662744748514e1c2b0a1f168dc0

Analysis

max time kernel
140s
max time network
123s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 23:25

Target

0feaf8566813e0af09fffd572b3122ce_JaffaCakes118.exe
Size

641KB
MD5

0feaf8566813e0af09fffd572b3122ce
SHA1

194307d9e3b13b3d486fb65b8adb0244cc8240a3
SHA256

d82f4b3f37735a275f3f349283377a10d1684662744748514e1c2b0a1f168dc0
SHA512

46724b01630cd9eb0b4128dc32f21578846756cfa0f8b452adee0e2b151407ea8f8aef9df4852bb9058fe72f135e415c7a98a98e73f1dbe3979dfbb041ffdbe1
SSDEEP

12288:irVZGP6ekXCDyLHNVbk8yQa1yHnn2edfEi6/VTByBc99Sx+sji6zRj3PnMSP:i7QJkXqyZVA8zn2e9L6/3yGSx+iiC3P

Score

1^/10

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2464	0feaf8566813e0af09fffd572b3122ce_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\0feaf8566813e0af09fffd572b3122ce_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\0feaf8566813e0af09fffd572b3122ce_JaffaCakes118.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:2464

memory/2464-0-0x0000000000400000-0x0000000000542000-memory.dmp

Filesize
1.3MB

Download
memory/2464-1-0x0000000000290000-0x00000000002DB000-memory.dmp

Filesize
300KB

Download
memory/2464-5-0x00000000001E0000-0x00000000001F9000-memory.dmp

Filesize
100KB

Download
memory/2464-4-0x0000000000200000-0x0000000000209000-memory.dmp

Filesize
36KB

Download
memory/2464-3-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/2464-2-0x0000000000290000-0x00000000002DB000-memory.dmp

Filesize
300KB

Download
memory/2464-6-0x0000000000400000-0x0000000000542000-memory.dmp

Filesize
1.3MB

Download
memory/2464-8-0x0000000000290000-0x00000000002DB000-memory.dmp

Filesize
300KB

Download