6b6516301ab90189ec4fb7c5c2c62cb453894fa3520b14ad3aca99565016119e

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/09/2024, 23:21

Target

dd39e2c27cd4fc6abbd01099ab825819_JaffaCakes118.exe
Size

115KB
MD5

dd39e2c27cd4fc6abbd01099ab825819
SHA1

6b1279ec2126cfdd3d0149ab8b8b855817cd23a7
SHA256

6b6516301ab90189ec4fb7c5c2c62cb453894fa3520b14ad3aca99565016119e
SHA512

c768fb813ad7c7ae907d0c197163775811f27fa39774e024a663c16ef7b05577512bbee8a7493cc7cf382eae9254efed0ec7ee914ed8e3f86f57cdd0b0e5e055
SSDEEP

3072:Of/vMVckYZFyt14OEKmBN9tHDW5WHg8/8jNrvZQ//jjL/XM:OHvfcEKgLHDW5S8jRSPjM

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
3032	dd39e2c27cd4fc6abbd01099ab825819_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 3032 wrote to memory of 1160	3032	dd39e2c27cd4fc6abbd01099ab825819_JaffaCakes118.exe	21
PID 3032 wrote to memory of 1160	3032	dd39e2c27cd4fc6abbd01099ab825819_JaffaCakes118.exe	21

memory/1160-3-0x0000000002540000-0x0000000002549000-memory.dmp

Filesize
36KB

Download
memory/1160-2-0x0000000002540000-0x0000000002549000-memory.dmp

Filesize
36KB

Download
memory/3032-0-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3032-5-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/3032-1-0x0000000000240000-0x0000000000242000-memory.dmp

Filesize
8KB

Download