eb99b0ed249d5ce590c82f3910039d0dbcf1c820cc78ac9401233d9f96839774

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
09/10/2024, 04:22

Target

2abdb7a4f8210b440dcd24c6b150b3ae_JaffaCakes118.exe
Size

56KB
MD5

2abdb7a4f8210b440dcd24c6b150b3ae
SHA1

c1ac33448f1bc9d8cc08161238e2facca2739fad
SHA256

eb99b0ed249d5ce590c82f3910039d0dbcf1c820cc78ac9401233d9f96839774
SHA512

033a5e82cc16b126ab89f99ec133696643f7deb8732c3480ed676139ee935bf5574442db0bced21b3f464c5528aa65676a3bf5907424f05a2a992785aac0d304
SSDEEP

1536:tHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVtE:tHoLde/OgV432UcP39hXJZnE

Score

5^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x0007000000016d65-5.dat	upx
behavioral1/memory/3068-0-0x0000000000400000-0x0000000000428000-memory.dmp	upx
behavioral1/memory/3068-103-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\dextor32.exe	2abdb7a4f8210b440dcd24c6b150b3ae_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\2abdb7a4f8210b440dcd24c6b150b3ae_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\2abdb7a4f8210b440dcd24c6b150b3ae_JaffaCakes118.exe"
1⤵
- Drops file in Windows directory
PID:3068

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

Filesize
56KB

MD5
2abdb7a4f8210b440dcd24c6b150b3ae

SHA1
c1ac33448f1bc9d8cc08161238e2facca2739fad

SHA256
eb99b0ed249d5ce590c82f3910039d0dbcf1c820cc78ac9401233d9f96839774

SHA512
033a5e82cc16b126ab89f99ec133696643f7deb8732c3480ed676139ee935bf5574442db0bced21b3f464c5528aa65676a3bf5907424f05a2a992785aac0d304

Download Submit
memory/3068-0-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/3068-103-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download