cae5eb09a42d42fdfbe9af401838a0f298391609c44dd84990c031b527676db6

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
08-07-2024 15:15

Target

2cd0e68fc0df5619d3b72c47afe9a216_JaffaCakes118.exe
Size

148KB
MD5

2cd0e68fc0df5619d3b72c47afe9a216
SHA1

f76dbb7c2791a02a52313939f4a914f839b1ea02
SHA256

cae5eb09a42d42fdfbe9af401838a0f298391609c44dd84990c031b527676db6
SHA512

dc58eda26fd24c166d9ae8657a78c6c8e41ed3b8ffd4f192a9289e966e14d568d253088778c105847c7a754b1aa59ddd1f228198cf9193f801867fd8a77ade5b
SSDEEP

3072:HB0KosanGDhPRMas35lREp5qgz/rga7mMTy0BufbDPl:hX1Z0JlRWhga6MO3l

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2356	2cd0e68fc0df5619d3b72c47afe9a216_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 1240	2356	2cd0e68fc0df5619d3b72c47afe9a216_JaffaCakes118.exe	21
PID 2356 wrote to memory of 1240	2356	2cd0e68fc0df5619d3b72c47afe9a216_JaffaCakes118.exe	21

memory/1240-5-0x0000000002540000-0x000000000254C000-memory.dmp

Filesize
48KB

Download
memory/1240-4-0x0000000002540000-0x000000000254C000-memory.dmp

Filesize
48KB

Download
memory/2356-0-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2356-1-0x00000000002B0000-0x00000000002D8000-memory.dmp

Filesize
160KB

Download
memory/2356-2-0x00000000002B0000-0x00000000002D8000-memory.dmp

Filesize
160KB

Download
memory/2356-3-0x00000000002E0000-0x00000000002F8000-memory.dmp

Filesize
96KB

Download
memory/2356-6-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download