2d6d35fed301ad6f7d4ce9c71efad61df2ecf5f0ef260311815d039652c1306d

Analysis

max time kernel
93s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
10-07-2024 07:53

Target

33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Size

479KB
MD5

33de93f66878f0682fba1ce729e5d4e4
SHA1

3eb79714fb8ef77acdb7ceb3422dd299b4cb64c8
SHA256

2d6d35fed301ad6f7d4ce9c71efad61df2ecf5f0ef260311815d039652c1306d
SHA512

280c3ed3ec74297dd103bb7eae0ac63fdf63496e6ba4f9d27a9716fde2e818cc5f6dfc34d3951dc78822e518f98834fe6d707db0a0b0e2e7de278abb68f518ab
SSDEEP

6144:jSquERBs+iVJTT7nwydqjg0JZbggU+PbQKOia74GpjrJzMwxVN7ivZf+3jIRooOD:jPbsRjofZbpTTQEc4GpjFp7UZfrKzPXb

Score

1^/10

Modifies registry class 8 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.hrd	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.hrd\ = "???????"	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\???????	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\???????\ = "???????"	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\???????\shell\open\command	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\???????\shell	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\???????\shell\open	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\???????\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\33DE93~1.EXE \"%1\""	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4128	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe
4128	33de93f66878f0682fba1ce729e5d4e4_JaffaCakes118.exe