65348b23df6f99a98793f3adb907829bbe3d304b6b09b9181ad86e13a5da5dc0

Analysis

max time kernel
12s
max time network
20s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
12-07-2024 12:30

Target

3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe
Size

13KB
MD5

3d63058939efe6b517e4d4c07e9abd4b
SHA1

705090bea99ec1ecb4245f9ffc9ffacbcc3695f8
SHA256

65348b23df6f99a98793f3adb907829bbe3d304b6b09b9181ad86e13a5da5dc0
SHA512

68fcd37dfbd6b8531ebcb5bd05a4297bceb7cae5d7a2a474b2e4c378b7eb6f13f0a661794ed63768bfd8beac679cb7ac52b51b309db049e1a66a091f7ea49503
SSDEEP

384:PA7PFzLjZfro7IG8JbiHnkofIV13AN0YX4wbTw:PodzvZfrMceH9a1w6r

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2248	cmd.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2160 wrote to memory of 2248	2160	3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe	30
PID 2160 wrote to memory of 2248	2160	3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe	30
PID 2160 wrote to memory of 2248	2160	3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe	30
PID 2160 wrote to memory of 2248	2160	3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe	30

C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2160
- C:\Windows\SysWOW64\cmd.exe
  cmd /c "C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.bat"
  2⤵
  - Deletes itself
  PID:2248

C:\Users\Admin\AppData\Local\Temp\3d63058939efe6b517e4d4c07e9abd4b_JaffaCakes118.bat

Filesize
307B

MD5
75cba84b9fa1b97c927e9d3bc0d65944

SHA1
879d4aa1fb3b083a2e4cab853f95cc7ddf1362fc

SHA256
2972c0a3483b132e8eedc12521db29b5a079c290124bec4f8838e00909a79dbd

SHA512
a46ebdb739c4c34fb357c26dec7f657f5c284aad19c4924b7932d8cac4deeb642b7a3f0a8b1d60501d08b87763c5da62f3caaee99fb21f94ca98a3c28aa17564

Download Submit
memory/2160-1-0x0000000000020000-0x0000000000025000-memory.dmp

Filesize
20KB

Download
memory/2160-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2160-11-0x0000000000020000-0x0000000000025000-memory.dmp

Filesize
20KB

Download
memory/2160-10-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download