e452797adaffb04899a30d8fc78375aef47a9e598b9e616228fc1cd36d39a455

Analysis

max time kernel
94s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14-07-2024 05:50

Target

4491146414a5ebd65733fab42a62e115_JaffaCakes118.exe
Size

168KB
MD5

4491146414a5ebd65733fab42a62e115
SHA1

99daa9f1432254c242ff8cf5ba6cb2c3dc330427
SHA256

e452797adaffb04899a30d8fc78375aef47a9e598b9e616228fc1cd36d39a455
SHA512

86e01c1efe30eb21d31fd45ff1407ca9d3cddc5d82fde317a0d4ec15c84d716c3380deefa21ac2dda6d9638a710465178b5cafa5321e402331850da18758e144
SSDEEP

3072:e0pS3JU2PwzzHiwHge7Vu2qr6ydO+iY23IrwwdEwVaKFr1D1LpF7KbA4djJ/E6Q:evzE6oVw6yaYUwuelJLT7H4dNE6Q

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 5048 wrote to memory of 3580	5048	4491146414a5ebd65733fab42a62e115_JaffaCakes118.exe	56
PID 5048 wrote to memory of 3580	5048	4491146414a5ebd65733fab42a62e115_JaffaCakes118.exe	56
PID 5048 wrote to memory of 3580	5048	4491146414a5ebd65733fab42a62e115_JaffaCakes118.exe	56
PID 5048 wrote to memory of 3580	5048	4491146414a5ebd65733fab42a62e115_JaffaCakes118.exe	56

memory/3580-5-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3580-6-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download
memory/5048-0-0x0000000000401000-0x0000000000403000-memory.dmp

Filesize
8KB

Download
memory/5048-1-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/5048-2-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/5048-3-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/5048-4-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download