457ff38fd9bfdcd20643855708f6074bd3f1a394d7f585582309fab22b4b549e

Analysis

max time kernel
140s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
20/07/2024, 02:00

Target

5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe
Size

580KB
MD5

5e9af8c96de7eb8adfebd17298b51cd1
SHA1

022c2c7675ef1f7008128a99a8385d4aadae4ab0
SHA256

457ff38fd9bfdcd20643855708f6074bd3f1a394d7f585582309fab22b4b549e
SHA512

d7a5207793582d17e8c4b653af3e539feb70ca28a16029573941d00fdaa6950c75c0efa692dfb328c53738182e23175f3ba02cb00c489064170ee0476c8ffe3e
SSDEEP

6144:lL3lSRhsodgrpLadbtDmG6oag5GvfKbtKyF01RtKAKzQ4itN5yjvuxGxPgLfV2T5:V3lSRhLgrh8q2vuN2THN+vq5vw7k

Score

7^/10

Drops startup file 2 IoCs

description	ioc	Process
File created	C:\users\Admin\appData\roaming\microsoft\windows\start menu\programs\startup\java.exe	5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe
File opened for modification	C:\users\Admin\appData\roaming\microsoft\windows\start menu\programs\startup\java.exe	5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3084	5e9af8c96de7eb8adfebd17298b51cd1_JaffaCakes118.exe

memory/3084-0-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download
memory/3084-2-0x0000000000400000-0x0000000000498000-memory.dmp

Filesize
608KB

Download
memory/3084-4-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download
memory/3084-5-0x0000000000400000-0x0000000000498000-memory.dmp

Filesize
608KB

Download
memory/3084-9-0x0000000000400000-0x0000000000498000-memory.dmp

Filesize
608KB

Download