8ef137a45870ad3d970c1e054e16e8523587d3fe3c0f962a2803807bc4a62925

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
07-01-2025 09:20

Target

JaffaCakes118_5abc70d78d57cc18878dbb795f3586f9.exe
Size

150KB
MD5

5abc70d78d57cc18878dbb795f3586f9
SHA1

a90d96b6f10e0323200d606ce1d4023eb6c3309a
SHA256

8ef137a45870ad3d970c1e054e16e8523587d3fe3c0f962a2803807bc4a62925
SHA512

c44e5d6fcf8ad72c1f300772c04642f6049d4c537c143a379f7556a7b5c321575b3c7481ecaf0fd9a3b52393aed02a89d99dbca15159e2353e1648faec56ded6
SSDEEP

3072:H5AKMq8VSyr6GD0sus9zjqazUr1d80y6xaXrQN:H5GVSyrTX9PuC0ym

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2368	JaffaCakes118_5abc70d78d57cc18878dbb795f3586f9.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2368	JaffaCakes118_5abc70d78d57cc18878dbb795f3586f9.exe

memory/2368-0-0x000007FEF5653000-0x000007FEF5654000-memory.dmp

Filesize
4KB

Download
memory/2368-1-0x0000000000DB0000-0x0000000000DD8000-memory.dmp

Filesize
160KB

Download
memory/2368-2-0x000007FEF5650000-0x000007FEF603C000-memory.dmp

Filesize
9.9MB

Download
memory/2368-3-0x000007FEF5650000-0x000007FEF603C000-memory.dmp

Filesize
9.9MB

Download