a36b03f58a1a81b8f36785e019e1d0360fab9363a72efcff8ef5cddcdce8a051

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
14/08/2024, 08:43

Target

955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
Size

31KB
MD5

955f4e3c9f0aef1f740461c99c5234e1
SHA1

cd3074ab6b9a88dd4eaa5ef6cb9df9378a8e55a6
SHA256

a36b03f58a1a81b8f36785e019e1d0360fab9363a72efcff8ef5cddcdce8a051
SHA512

e09eb6238b287832a2208e37d8934380fe67fd7f29103207ed282ef9a17c19f57d6aa4342e9d95db31fa8a3f782d672b0e79d9bd9606bd45e34377b02703d548
SSDEEP

384:tO4+1/qBvE6d6wb4k2071HjAoPXK/IX11g74aYQVXuaH3ARprx:tk1/qtE6d7bO0pH/7l1g7ZYmrH3q

Score

5^/10

Drops file in System32 directory 6 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\bernie.tmp	955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\bernie.exe	955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\bernie.exe	955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
File opened for modification	C:\Windows\SysWOW64\bernie.map	955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\bernie.map	955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
File created	C:\Windows\SysWOW64\955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe	955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\955f4e3c9f0aef1f740461c99c5234e1_JaffaCakes118.exe"
1⤵
- Drops file in System32 directory
PID:1232

memory/1232-6-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-7-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-8-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-9-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-10-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-11-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-12-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-13-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-14-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-15-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-16-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-17-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-18-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/1232-19-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download