General
-
Target
447e219cbcf80fe536012830c93fe9bb_JaffaCakes118
-
Size
56KB
-
Sample
240515-etnz1agh76
-
MD5
447e219cbcf80fe536012830c93fe9bb
-
SHA1
ac18fc15619593a1b04f4ee7f3fbb29e6d111739
-
SHA256
e5d04269b3068a1ee1a5567726af0d79a6307ec7e4ffaa47c4492a3ae6181a16
-
SHA512
8c39cae867d01389bce9ddad542f951fa0e2bd8f5439c3ab0a80c0296b97b3f4a659198fcfc3220182aa31dd413c530e1e676b574c42e04919ebed88454260a2
-
SSDEEP
768:TQx0SU/c14V5/LIwSikmLLJxvdOlsz51SQ1q:UUwILI5iLLLUez5Q
Behavioral task
behavioral1
Sample
447e219cbcf80fe536012830c93fe9bb_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
447e219cbcf80fe536012830c93fe9bb_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
guloader
https://viva-fred.cf/vvd2.bin
Targets
-
Target
447e219cbcf80fe536012830c93fe9bb_JaffaCakes118
-
Score
10/10
-
Guloader payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-