1c31c08f9fb679326786f306c4087dff24d1f0de84b6953d3a71421e15e01f91

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28/09/2024, 23:44

Target

fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe
Size

1.1MB
MD5

fd60c4a0cf5e21f7173693d7c8d118ba
SHA1

d2fe133e7fe8eda7eb1ce1328d9dd2e3e1eadb6a
SHA256

1c31c08f9fb679326786f306c4087dff24d1f0de84b6953d3a71421e15e01f91
SHA512

c62a09ad6ebe04eeb9626ad038e225989610a46386c286ddbb69a9d3799cdad9e54e9fc4de1fb56c053dc4d3d516b5309626e71be2930da1a39e5ae9f9454dc7
SSDEEP

24576:J9y+V4xFZgHw/rGTTH1WhXpzBRecf0XNAyCaJaChQr2f:u84xAwiwpNRecf0XNj1

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe
1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1728 wrote to memory of 1192	1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe	21
PID 1728 wrote to memory of 1192	1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe	21
PID 1728 wrote to memory of 1192	1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe	21
PID 1728 wrote to memory of 1192	1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe	21
PID 1728 wrote to memory of 1192	1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe	21
PID 1728 wrote to memory of 1192	1728	fd60c4a0cf5e21f7173693d7c8d118ba_JaffaCakes118.exe	21

memory/1192-5-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/1192-11-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

Filesize
24KB

Download
memory/1728-1-0x00000000002D0000-0x00000000003B4000-memory.dmp

Filesize
912KB

Download
memory/1728-0-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/1728-2-0x0000000000401000-0x0000000000408000-memory.dmp

Filesize
28KB

Download
memory/1728-4-0x0000000000400000-0x0000000000511000-memory.dmp

Filesize
1.1MB

Download
memory/1728-23-0x0000000010000000-0x0000000010011000-memory.dmp

Filesize
68KB

Download