a662297766f6017684e098746c11f82f9881c129b65681abe415ecaa9331a005

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
21/08/2024, 08:40

Target

b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe
Size

1.6MB
MD5

b2ccfeaf6d67b7b8454de521f3c83bbe
SHA1

c9810d2549e9a2ac284030ecbeb9155c025c442d
SHA256

a662297766f6017684e098746c11f82f9881c129b65681abe415ecaa9331a005
SHA512

2fbdb32dadf26d4d483b93642eef19a18dc681bcd22f44bf19df7af6719a7f233e818eb51805f052b2b557705b45eea6f7e25b0b9a87340b55ed1d7431552147
SSDEEP

24576:a2nCkxd+0rAV8JCQaPMY4nOOEogLJp0Y6bSmIn76vev8xGSOZjKXdjyT375dWuG8:04XCBDo+WYnevev8xFoKXdGv5MG

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe
2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2640 wrote to memory of 1204	2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe	21
PID 2640 wrote to memory of 1204	2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe	21
PID 2640 wrote to memory of 1204	2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe	21
PID 2640 wrote to memory of 1204	2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe	21
PID 2640 wrote to memory of 1204	2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe	21
PID 2640 wrote to memory of 1204	2640	b2ccfeaf6d67b7b8454de521f3c83bbe_JaffaCakes118.exe	21

memory/1204-2-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/1204-9-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

Filesize
24KB

Download
memory/2640-0-0x0000000000401000-0x0000000000408000-memory.dmp

Filesize
28KB

Download
memory/2640-5-0x0000000000400000-0x0000000000593000-memory.dmp

Filesize
1.6MB

Download
memory/2640-21-0x0000000000400000-0x0000000000593000-memory.dmp

Filesize
1.6MB

Download
memory/2640-22-0x0000000000401000-0x0000000000408000-memory.dmp

Filesize
28KB

Download