b4aa55c70f1a5d759c2872c02b43fc0b141b6949bb123500db7f42d0342b36f2

Analysis

max time kernel
5s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
05/10/2024, 03:52

Target

160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
Size

96KB
MD5

160da1103f77b91a55258dfab41cd85c
SHA1

7b88474f45a8e94b8832a9c591c16fd02b03b54f
SHA256

b4aa55c70f1a5d759c2872c02b43fc0b141b6949bb123500db7f42d0342b36f2
SHA512

33b9b8b5afc641b04fc7099f8f8a3d758991d93c96413e63c14b4dd14e431987b181b9098205116c44f035960c2a47f0bc1790a57c83cf803b5607ea91d62793
SSDEEP

3072:lV2BZVPlFlnxClFvLLcA+sPDzGvxyGqn/cDFI8Hj/:bQrNFxwjF+UGvxyGqnUZI8Hj/

Score

4^/10

Drops file in Windows directory 12 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\BattleField 1942(hack).exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942(hack).exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Quake3 + fix.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\Doom 3 patch.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\BattleField 1942_nocd.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\Quake3 + hack.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\Half-Life 2_crack.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\Quake3 + fix.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File opened for modification	C:\Windows\win32dc\Doom 3 patch.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\Half-Life 2 trainer.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\DAoC_cheat.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
File created	C:\Windows\win32dc\DAoC + trainer.exe	160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\160da1103f77b91a55258dfab41cd85c_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:1756

C:\Windows\win32dc\Doom 3 patch.exe

Filesize
97KB

MD5
644272e4561b4ad7702857b1516abbd4

SHA1
5caf7dd3de14952cb117379d7f02ad8be468caa9

SHA256
48d5643db291b3ad3f3ed17d7045a3aa080569e8afd5f6fa71b683839a627341

SHA512
99f3ee6c8fe1ad47d2a3d06eeb7eedaabcc129beac6a260c0d285c937acbe428b271a00774f2ac43ebadfe792c20e5590be7469e9312436f00da75e6a76e8143

Download Submit
memory/1756-13-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download