7174f1337a521bc6c218ad8890a7d2d1d306e5d6a0cfdf510e9dece32cecd53a

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 00:08

Target

0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe
Size

160KB
MD5

0b7080a15cc9ddfc17e68740420d13f9
SHA1

642261e41ac483e319b0bc3170c09f2420657e9e
SHA256

7174f1337a521bc6c218ad8890a7d2d1d306e5d6a0cfdf510e9dece32cecd53a
SHA512

1fc6cfc2e0ab39003be3729917eacae3f9e77ee626625be88be09278b3f979579de4efdf18c0c784ae2f8aaecfd12552efbf214ef30fa2607bdd75cc71600faa
SSDEEP

3072:w4p2Ck9rzW8Ya32jT1Le47f7klAhM0hcx2vzYV8IJUrLc:wRCk9rzjv32d37fQlAmd2vUqImnc

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe
2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2284 wrote to memory of 1168	2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe	21
PID 2284 wrote to memory of 1168	2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe	21
PID 2284 wrote to memory of 1168	2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe	21
PID 2284 wrote to memory of 1168	2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe	21
PID 2284 wrote to memory of 1168	2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe	21
PID 2284 wrote to memory of 1168	2284	0b7080a15cc9ddfc17e68740420d13f9_JaffaCakes118.exe	21

memory/1168-5-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/1168-11-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

Filesize
24KB

Download
memory/2284-1-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2284-0-0x0000000000401000-0x0000000000403000-memory.dmp

Filesize
8KB

Download
memory/2284-2-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2284-3-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2284-4-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download