476f24f8e136b2d97c1910d75fcb9c5b6700149004fecb7ab91140e56b1e7b40

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
09/07/2024, 23:13

Target

3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe
Size

220KB
MD5

3260206ef40a7353754945c38bcb13e7
SHA1

398517aadd6a5b9430ccaa7c2467a6c9c85d93fc
SHA256

476f24f8e136b2d97c1910d75fcb9c5b6700149004fecb7ab91140e56b1e7b40
SHA512

6f37366fa1659d17f67a8e1dd32e4ee1aba6ba691c4e861ccf7026c2f8f382b8e80c471711b3578c32cd074e218e2a7c865061557d51fed507f1e303226d3076
SSDEEP

3072:+cAk+x+44dia8japi7+z/LYCMuEjKBiTZQaT0HhXxy/xS1wfzf6EHK:+c52+qapi0/LYC/EjKBiFBEhKjxK

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2584 set thread context of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2584 wrote to memory of 2084	2584	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	30
PID 2084 wrote to memory of 1200	2084	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	21
PID 2084 wrote to memory of 1200	2084	3260206ef40a7353754945c38bcb13e7_JaffaCakes118.exe	21

memory/1200-16-0x00000000025B0000-0x00000000025BC000-memory.dmp

Filesize
48KB

Download
memory/1200-15-0x00000000025B0000-0x00000000025BC000-memory.dmp

Filesize
48KB

Download
memory/2084-20-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-18-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-14-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-1-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-11-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-9-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-7-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-5-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2084-3-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download
memory/2584-0-0x0000000000400000-0x0000000000461000-memory.dmp

Filesize
388KB

Download
memory/2584-13-0x0000000000400000-0x0000000000461000-memory.dmp

Filesize
388KB

Download