051f43c158cc2c744dda5f9ae2a4facef884adb2ff50b6f6d82e7bc25688af5e

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
14/07/2024, 17:21 UTC

Target

46c9abb3619c25bfa63ff60c1c3a729a_JaffaCakes118.exe
Size

218KB
MD5

46c9abb3619c25bfa63ff60c1c3a729a
SHA1

c7c31d0ac45a905eb815aec4145fe84cbfb18a46
SHA256

051f43c158cc2c744dda5f9ae2a4facef884adb2ff50b6f6d82e7bc25688af5e
SHA512

3db22f31bd4a8e29a7f93ca5966ffc6af24da30829de31041aa34c93bad7026a47276e0759698ca5de2815f2fd34da086dc7c8e57c3466f55f312bc1a5da70df
SSDEEP

1536:Oy7zaBDriDEJEc42e1XBABRel3fwH8roqMs7ZFAHu:Oy3YDriDEJEc42ehBAq2u+mFAHu

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2716-1-0x0000000000400000-0x0000000000439600-memory.dmp	upx
behavioral1/memory/2716-4-0x0000000000400000-0x0000000000439600-memory.dmp	upx

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2716	46c9abb3619c25bfa63ff60c1c3a729a_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\46c9abb3619c25bfa63ff60c1c3a729a_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\46c9abb3619c25bfa63ff60c1c3a729a_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2716

memory/2716-1-0x0000000000400000-0x0000000000439600-memory.dmp

Filesize
229KB

Download
memory/2716-4-0x0000000000400000-0x0000000000439600-memory.dmp

Filesize
229KB

Download