1ee6a387c72e0da14746356089d928c320ac567539ff0d6d7d32ba683eb7b021

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
14/07/2024, 00:18

Target

43c7f6e57bdb622aae8a4f150eb48bfc_JaffaCakes118.exe
Size

333KB
MD5

43c7f6e57bdb622aae8a4f150eb48bfc
SHA1

f53308302637cac613036c6002495279a9089e51
SHA256

1ee6a387c72e0da14746356089d928c320ac567539ff0d6d7d32ba683eb7b021
SHA512

a0ff9566c7ad99d3bd2bfe77f33b94d74280a99e682c63ccf6b1f1352d0b3b3166721dd91f7a1e2559446a1d2658bb11fa50abdbad82a6636ca459cc16e889de
SSDEEP

6144:19cayFdD73xJQ1WKznInHjdq+kpxjq4/iwAJacFPAwKrByrjxepRIPsB:19rY1P6vzn+fkp6Lz5KrcrjxeeQ

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2296-0-0x0000000000400000-0x00000000004D6000-memory.dmp	upx
behavioral1/memory/2296-3-0x0000000000400000-0x00000000004D6000-memory.dmp	upx

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\spycop.zip	43c7f6e57bdb622aae8a4f150eb48bfc_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\43c7f6e57bdb622aae8a4f150eb48bfc_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\43c7f6e57bdb622aae8a4f150eb48bfc_JaffaCakes118.exe"
1⤵
- Drops file in System32 directory
PID:2296

memory/2296-0-0x0000000000400000-0x00000000004D6000-memory.dmp

Filesize
856KB

Download
memory/2296-1-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/2296-3-0x0000000000400000-0x00000000004D6000-memory.dmp

Filesize
856KB

Download