47a9b1ef6f2087dd27ed330d5392b2a6445274e979a702372314f2679e1edd90

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
12/07/2024, 18:40

Target

3e70fbd1e015837b6c72eb2521df6e4f_JaffaCakes118.exe
Size

2.4MB
MD5

3e70fbd1e015837b6c72eb2521df6e4f
SHA1

8c9453d7acb2fd6652365e2f1f818d73e0caf4f0
SHA256

47a9b1ef6f2087dd27ed330d5392b2a6445274e979a702372314f2679e1edd90
SHA512

a6bd5b6dbf182db989d192a6cf8f92fad427fac17912e1b1b88b565f671a7571f5aa19e346796e75031d2004ed1c27c59e792f97e5037100a1944ae169c60de3
SSDEEP

24576:Z8uA1qMrxSCMT8ztXy5z6HucS2+wE7R4sTZaqdiXSp0c02uFG6dAk3CMur/keU:ZsqwxSkRi5KucKRTZaqdwk0c05HGiur

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2112-0-0x0000000000400000-0x000000000066F000-memory.dmp	upx
behavioral1/memory/2112-1-0x0000000000400000-0x000000000066F000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2112	3e70fbd1e015837b6c72eb2521df6e4f_JaffaCakes118.exe
2112	3e70fbd1e015837b6c72eb2521df6e4f_JaffaCakes118.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2112	3e70fbd1e015837b6c72eb2521df6e4f_JaffaCakes118.exe
2112	3e70fbd1e015837b6c72eb2521df6e4f_JaffaCakes118.exe

memory/2112-0-0x0000000000400000-0x000000000066F000-memory.dmp

Filesize
2.4MB

Download
memory/2112-1-0x0000000000400000-0x000000000066F000-memory.dmp

Filesize
2.4MB

Download