1f61861446900ffc11c13f0f5b83ed35f6f03d771a7c02bb6932b5e378e777d8

Analysis

max time kernel
140s
max time network
122s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
22/07/2024, 20:31

Target

64b1c28f233771f1540499d69500f85a_JaffaCakes118.exe
Size

314KB
MD5

64b1c28f233771f1540499d69500f85a
SHA1

e88627e9b916ecd1bf0306736ef7cd69b45a3606
SHA256

1f61861446900ffc11c13f0f5b83ed35f6f03d771a7c02bb6932b5e378e777d8
SHA512

15c1073a144a576d0f3f792f16e2fb47d0cd48504f39484b4f71e234e32863c71cb99f6d33de14b451a1a7fdcc861f916bc3f88a9b90923bcd10bd6b35681afd
SSDEEP

6144:9u0X3JPg5gYgVEZEAzbO336Gb5Kn8WuNOY3/3Rn:9uMg5gYgVE/zbnFn8WuNrf

Score

4^/10

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Common Files\System\360Safe.ico	64b1c28f233771f1540499d69500f85a_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\360Sd.ico	64b1c28f233771f1540499d69500f85a_JaffaCakes118.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2852	64b1c28f233771f1540499d69500f85a_JaffaCakes118.exe
2852	64b1c28f233771f1540499d69500f85a_JaffaCakes118.exe

memory/2852-1-0x0000000000220000-0x0000000000222000-memory.dmp

Filesize
8KB

Download
memory/2852-0-0x0000000000400000-0x0000000000471000-memory.dmp

Filesize
452KB

Download
memory/2852-2-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2852-5-0x0000000000400000-0x0000000000471000-memory.dmp

Filesize
452KB

Download
memory/2852-7-0x0000000000220000-0x0000000000222000-memory.dmp

Filesize
8KB

Download
memory/2852-8-0x0000000000400000-0x0000000000471000-memory.dmp

Filesize
452KB

Download
memory/2852-9-0x0000000000400000-0x0000000000471000-memory.dmp

Filesize
452KB

Download