General
-
Target
0ada5f2eec1893ee695758b75ebe351b_JaffaCakes118
-
Size
356KB
-
Sample
240501-b5jmwafa85
-
MD5
0ada5f2eec1893ee695758b75ebe351b
-
SHA1
554bc863b128b83ca14f20e6b08028d8a12795a0
-
SHA256
dee6a220c1a2a3a53361c929e903744b78a751b93c38405e629aae4c16d1e597
-
SHA512
0aed5d83d07d651f62527aff20438090f143f86b98d053ad2af7a14b7166980078e8383910a4e38fabb8fa0bb60fcc23e56dbc7a5750be0b5827c1fa2bed780b
-
SSDEEP
6144:kyNp69yZH/0EkNrlXLp+Pe+zXLry08lY5W99A3ywES2:pNvcEkNFL4PeP5lYUU31ES2
Malware Config
Extracted
buer
https://kackdelar.top/
Targets
-
-
Target
0ada5f2eec1893ee695758b75ebe351b_JaffaCakes118
-
Size
356KB
-
MD5
0ada5f2eec1893ee695758b75ebe351b
-
SHA1
554bc863b128b83ca14f20e6b08028d8a12795a0
-
SHA256
dee6a220c1a2a3a53361c929e903744b78a751b93c38405e629aae4c16d1e597
-
SHA512
0aed5d83d07d651f62527aff20438090f143f86b98d053ad2af7a14b7166980078e8383910a4e38fabb8fa0bb60fcc23e56dbc7a5750be0b5827c1fa2bed780b
-
SSDEEP
6144:kyNp69yZH/0EkNrlXLp+Pe+zXLry08lY5W99A3ywES2:pNvcEkNFL4PeP5lYUU31ES2
Score10/10-
Buer
Buer is a new modular loader first seen in August 2019.
-
Buer Loader
Detects Buer loader in memory or disk.
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-