General

Target: 584e10fd25ea48444ab5ea56ea34a461_JaffaCakes118
Size: 72KB
Sample: 240519-dv4leaga67
MD5: 584e10fd25ea48444ab5ea56ea34a461
SHA1: 282a619b75a4e55e8579a10fcba8e32a3f9f40a2
SHA256: 104cfc169567e06203a46f699c8b0249face8a47b213c1f4a8609bfef1b1569a
SHA512: 86384b18b88de99a07b7c7453de045f342a9ea5da717bee2da1c8fe67354f08d84b6acd75eaadde51a7c2675bcaaa3760491bf775f31eddbfb707678bcdb1475
SSDEEP: 1536:sWmLQLoXO5msms0sSvFNGwNDtpN0shO5msm:sWmSUTs0L/0hUT
Static task: static1

Behavioral task: behavioral1
Sample: 584e10fd25ea48444ab5ea56ea34a461_JaffaCakes118.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 584e10fd25ea48444ab5ea56ea34a461_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config

Targets

Target: 584e10fd25ea48444ab5ea56ea34a461_JaffaCakes118
Size: 72KB
MD5: 584e10fd25ea48444ab5ea56ea34a461
SHA1: 282a619b75a4e55e8579a10fcba8e32a3f9f40a2
SHA256: 104cfc169567e06203a46f699c8b0249face8a47b213c1f4a8609bfef1b1569a
SHA512: 86384b18b88de99a07b7c7453de045f342a9ea5da717bee2da1c8fe67354f08d84b6acd75eaadde51a7c2675bcaaa3760491bf775f31eddbfb707678bcdb1475
SSDEEP: 1536:sWmLQLoXO5msms0sSvFNGwNDtpN0shO5msm:sWmSUTs0L/0hUT
Score: 10/10

- Guloader payload
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext