8574776fb23991ef19a0988d721079a31b9c6519200bbcac63b515a238545f9c

Analysis

max time kernel
141s
max time network
120s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
05/07/2024, 13:33

Target

26f1df02ff4e1427570af9358c166435_JaffaCakes118.exe
Size

3.3MB
MD5

26f1df02ff4e1427570af9358c166435
SHA1

61c5f0e164a2ddee7528f4295d4f5231b752ffa2
SHA256

8574776fb23991ef19a0988d721079a31b9c6519200bbcac63b515a238545f9c
SHA512

a68e5b3d02025a6420e910483890d735144e82bfd0c65a637051a3be6462cfd2a0eb77817e7aac22ab8fa88a7ed1f7ca44fe31c898aad9e8fed7b5eeb5b0bf2e
SSDEEP

49152:eWKo2dxjnnRqOsWBjZm8wo860OmK8FXB20Grju4VVaYJeV8dx8iBY+x3b7rvc:mnnRqzSKF60Ob8FQ5ueYcdi2o

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2192-0-0x0000000000400000-0x0000000000584000-memory.dmp	upx

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2192	26f1df02ff4e1427570af9358c166435_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2192	26f1df02ff4e1427570af9358c166435_JaffaCakes118.exe

memory/2192-1-0x0000000000230000-0x0000000000235000-memory.dmp

Filesize
20KB

Download
memory/2192-0-0x0000000000400000-0x0000000000584000-memory.dmp

Filesize
1.5MB

Download
memory/2192-3-0x0000000000400000-0x0000000000584000-memory.dmp

Filesize
1.5MB

Download
memory/2192-2-0x0000000000400000-0x0000000000584000-memory.dmp

Filesize
1.5MB

Download
memory/2192-4-0x0000000000400000-0x0000000000584000-memory.dmp

Filesize
1.5MB

Download