c116ddda5554dea7b31e30d895359bb71415bd496d7c0bf183a06ab6abe90804

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
10/07/2024, 08:38

Target

34018b217845f29286dbbebecbd4c7a6_JaffaCakes118.exe
Size

34KB
MD5

34018b217845f29286dbbebecbd4c7a6
SHA1

43b4e399efc3b520cc37e8dceb478514982b3f1c
SHA256

c116ddda5554dea7b31e30d895359bb71415bd496d7c0bf183a06ab6abe90804
SHA512

b2cc00bded096f6e1d1f5bc90997cdfd1a64d54771b3117b071a695cfbc7ec655a82b0118e7b0b6af034af8fb12eac4beff7a060ef3f29d6af6a9f82d52aab8e
SSDEEP

768:MaXrVYNNDn6mOpRne1UfOcSZVGgLnEqr0f/RzyR+J+YAy9XNxOH:MwJjmTTbRLnH0f/RnJvAYds

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3100-0-0x0000000000400000-0x0000000000421000-memory.dmp	upx
behavioral2/memory/3100-4-0x0000000000400000-0x0000000000421000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3100	34018b217845f29286dbbebecbd4c7a6_JaffaCakes118.exe
3100	34018b217845f29286dbbebecbd4c7a6_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\34018b217845f29286dbbebecbd4c7a6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\34018b217845f29286dbbebecbd4c7a6_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3100

memory/3100-0-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/3100-4-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download