0e72a6eb00b8d48524474c158fae73b8729962a0f5c669f6a52e49b898cb7178

Analysis

max time kernel
41s
max time network
46s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/07/2024, 10:44

Target

2214109350e71554cb4a4e0937cfd1e8_JaffaCakes118.exe
Size

340KB
MD5

2214109350e71554cb4a4e0937cfd1e8
SHA1

194296f45f7e9afda2fad63810bcf9365d2c0f39
SHA256

0e72a6eb00b8d48524474c158fae73b8729962a0f5c669f6a52e49b898cb7178
SHA512

bec5805e9533379b506b82f1b8bf435ff289fb974313ebf644831a45a796c961dd6a75415fdcbdff17f280d107414a39e20495bd92a55bcf76c0786ebe586153
SSDEEP

384:5vMkHY7t93KkL0jOOCjGVjr/LFvlaxr9r4jjlGCrSMEHMGus:5vMfhhLwOOCjGh3pl0R4fYESFHMp

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1968-0-0x00000000003E0000-0x000000000043B000-memory.dmp	upx
behavioral2/memory/1968-2-0x00000000003E0000-0x000000000043B000-memory.dmp	upx

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\secupdat.dat	2214109350e71554cb4a4e0937cfd1e8_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\2214109350e71554cb4a4e0937cfd1e8_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2214109350e71554cb4a4e0937cfd1e8_JaffaCakes118.exe"
1⤵
- Drops file in System32 directory
PID:1968

memory/1968-0-0x00000000003E0000-0x000000000043B000-memory.dmp

Filesize
364KB

Download
memory/1968-2-0x00000000003E0000-0x000000000043B000-memory.dmp

Filesize
364KB

Download