864c8b1111dbc9ff1335cee79ccde8a61d2225f59ed927c0d12715c21d4a5967

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
09/09/2024, 02:26

Target

d58357e9837e216317dee11bcba276ea_JaffaCakes118.exe
Size

59KB
MD5

d58357e9837e216317dee11bcba276ea
SHA1

475c2dc5de7d435036eb2241a45d50639875aee6
SHA256

864c8b1111dbc9ff1335cee79ccde8a61d2225f59ed927c0d12715c21d4a5967
SHA512

e3a206ff4620f23a9f47d6ae4cf840834802e82c08a31703b0148f3bc04b9dca39fd126221bf9d3edd09947abb6cc05fdb7d5d01545bcf924c002444517e04b3
SSDEEP

768:0fTdZnpYsgZqO3ibm4G4095mOQ/gl0ZAaWAZrsy+Uli:yZnLHOylK95Wol0Z5/ZrsyLli

Score

1^/10

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
800	d58357e9837e216317dee11bcba276ea_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\d58357e9837e216317dee11bcba276ea_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\d58357e9837e216317dee11bcba276ea_JaffaCakes118.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:800

memory/800-0-0x000007FEF5BAE000-0x000007FEF5BAF000-memory.dmp

Filesize
4KB

Download
memory/800-1-0x000007FEF58F0000-0x000007FEF628D000-memory.dmp

Filesize
9.6MB

Download
memory/800-2-0x000007FEF58F0000-0x000007FEF628D000-memory.dmp

Filesize
9.6MB

Download
memory/800-3-0x000007FEF58F0000-0x000007FEF628D000-memory.dmp

Filesize
9.6MB

Download
memory/800-4-0x000007FEF58F0000-0x000007FEF628D000-memory.dmp

Filesize
9.6MB

Download
memory/800-5-0x000007FEF58F0000-0x000007FEF628D000-memory.dmp

Filesize
9.6MB

Download
memory/800-6-0x000007FEF5BAE000-0x000007FEF5BAF000-memory.dmp

Filesize
4KB

Download
memory/800-7-0x000007FEF58F0000-0x000007FEF628D000-memory.dmp

Filesize
9.6MB

Download