5e74793d2c2d1738bbb12a0e89aba3a6d07e20694a279af9bec4e16a61d71085

Analysis

max time kernel
16s
max time network
17s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
16/07/2024, 05:17

Target

4cf09d41082df468daf880a65066d347_JaffaCakes118.exe
Size

99KB
MD5

4cf09d41082df468daf880a65066d347
SHA1

78bc2bd887ed8e08bcb3c7d238e9c7b8f67262c7
SHA256

5e74793d2c2d1738bbb12a0e89aba3a6d07e20694a279af9bec4e16a61d71085
SHA512

9b4ec9b423b2ecc5d23d4e02f6d561895d474d2b023b8b40e33b363290cf83a2006a359bb832b3950f9c0bdcc7ccacee2696d5775bdd81f0278524c26a2a22fc
SSDEEP

1536:A28OY87VwStU3xNDXkx/cxQwWOCLaxdhWk0LX9sE4N24V0QEMBIjgy4mutDgxjzi:q0+Stq2YQw1Ik0Bs2LjE0FnH

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2300	4cf09d41082df468daf880a65066d347_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2300 wrote to memory of 1388	2300	4cf09d41082df468daf880a65066d347_JaffaCakes118.exe	20
PID 2300 wrote to memory of 1388	2300	4cf09d41082df468daf880a65066d347_JaffaCakes118.exe	20

memory/1388-1-0x00000000029F0000-0x00000000029F9000-memory.dmp

Filesize
36KB

Download
memory/1388-2-0x00000000029F0000-0x00000000029F9000-memory.dmp

Filesize
36KB

Download
memory/2300-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/2300-4-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download