e3b747c141bf983d2d719bf2c690fc08cb08a96b6154b337559738ab18d3ebe6

Analysis

max time kernel
143s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2024, 10:03

Target

6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe
Size

208KB
MD5

6721f6ee0a421482ba8c21ff6ea09571
SHA1

d72111a083637ad387de25d184b4cf649ba76bec
SHA256

e3b747c141bf983d2d719bf2c690fc08cb08a96b6154b337559738ab18d3ebe6
SHA512

743696f76a582f51d12ad05763cf65f6be5c3d159f3fb79510c7167ec802628e5bd9326fca9805c2e5172a7a0fa529f222f1348a9b768cd433b4a0a88c2d1162
SSDEEP

3072:zwzgDD0mXq6sJ+TNwguhdfr02HpPAo6/TDv8Az3HfWIy+d9BMRZ:LgBSNwgcdf9ZAZZ3Hu8dbM

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe
4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 4628 wrote to memory of 3440	4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe	56
PID 4628 wrote to memory of 3440	4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe	56
PID 4628 wrote to memory of 3440	4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe	56
PID 4628 wrote to memory of 3440	4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe	56
PID 4628 wrote to memory of 3440	4628	6721f6ee0a421482ba8c21ff6ea09571_JaffaCakes118.exe	56

memory/4628-0-0x00000000004F0000-0x0000000000513000-memory.dmp

Filesize
140KB

Download
memory/4628-1-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/4628-2-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download