General
-
Target
490f912a000e2da93b240765e76ed308_JaffaCakes118
-
Size
48KB
-
Sample
240516-chyzqafh83
-
MD5
490f912a000e2da93b240765e76ed308
-
SHA1
1314b561dbed543b969aebb8ed60f07bfe7152e2
-
SHA256
4d5dafcd58879d4855fe468b8930b1fb39744371f338a27ffe26efb56555b12e
-
SHA512
69fba90b288a52c0dc311d897ab17f7275ce15e88ead1e7b3fd8b636925ce7dbf0599a2014dab9812f1b2dd3692add754c871936b31c28c880f4a01a85bf2333
-
SSDEEP
768:YnrkN2548wvAECw90JO5x30n0ajjrRAao6T24cUH8Ge:UrkN2548w5CwWJO5d0nPrRFo6S4R+
Static task
static1
Behavioral task
behavioral1
Sample
490f912a000e2da93b240765e76ed308_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
490f912a000e2da93b240765e76ed308_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
guloader
https://onedrive.live.com/download?cid=E3F864783437E54C&resid=E3F864783437E54C%21120&authkey=AJxvhb5E2TNcfSY
Targets
-
-
Target
490f912a000e2da93b240765e76ed308_JaffaCakes118
-
Size
48KB
-
MD5
490f912a000e2da93b240765e76ed308
-
SHA1
1314b561dbed543b969aebb8ed60f07bfe7152e2
-
SHA256
4d5dafcd58879d4855fe468b8930b1fb39744371f338a27ffe26efb56555b12e
-
SHA512
69fba90b288a52c0dc311d897ab17f7275ce15e88ead1e7b3fd8b636925ce7dbf0599a2014dab9812f1b2dd3692add754c871936b31c28c880f4a01a85bf2333
-
SSDEEP
768:YnrkN2548wvAECw90JO5x30n0ajjrRAao6T24cUH8Ge:UrkN2548w5CwWJO5d0nPrRFo6S4R+
Score10/10-
Guloader payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-