a64f4c698e7e79de54dc63af464d461965175ee75ecc8c9b91508df98424c4ad

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
05/07/2024, 23:16

Target

27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe
Size

113KB
MD5

27325663cc290c698db5ad6a07093daa
SHA1

4a6bff5fec83240e0042a5307841f21b8d05929b
SHA256

a64f4c698e7e79de54dc63af464d461965175ee75ecc8c9b91508df98424c4ad
SHA512

5875c9ec8c1c5d700af60f30467dca04a8b1e9a7abea49add19d8b5f64d91f3059f90bca7c48eb0262f6d8d0f8d08a6e48a15b8364299fe9a73d7dc34634e33b
SSDEEP

1536:z9tMfkjQR/kkX0tsvlUlkivlgHUHB6msFfhrSb71hU/cGbOw:QD0tiuNv20HEhU1yJ

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2304 set thread context of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2304 wrote to memory of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31
PID 2304 wrote to memory of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31
PID 2304 wrote to memory of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31
PID 2304 wrote to memory of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31
PID 2304 wrote to memory of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31
PID 2304 wrote to memory of 2668	2304	27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe	31

C:\Users\Admin\AppData\Local\Temp\27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2304
- C:\Users\Admin\AppData\Local\Temp\27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe
  C:\Users\Admin\AppData\Local\Temp\27325663cc290c698db5ad6a07093daa_JaffaCakes118.exe
  2⤵
  PID:2668

memory/2668-4-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2668-2-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2668-6-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2668-0-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download