General
-
Target
5b38f1c2c42a6fa5b8be200bac9ea9e3_JaffaCakes118
-
Size
76KB
-
Sample
240519-yvvnqaff2t
-
MD5
5b38f1c2c42a6fa5b8be200bac9ea9e3
-
SHA1
2c1658d44301145f62285054a48c98594796d31c
-
SHA256
59c3c8cd9f4cf71654987b95564db2b56ab4dc16857bfb704cf45c32d31213ba
-
SHA512
8afe9e86d00559355e505d3ad879f772fff3373e840bca91d969f665a1fd3474f04f2f4edb2eee2fcbdbbd0bb8338f6bc16520f3d63fbe2608b980424ddf626d
-
SSDEEP
1536:89KX78wbo2UG2Q2Qe1b47PhS9uggeLxHBwbo67:IKL8wbRUTb47PhS9uggGxHBwbV
Static task
static1
Behavioral task
behavioral1
Sample
5b38f1c2c42a6fa5b8be200bac9ea9e3_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
5b38f1c2c42a6fa5b8be200bac9ea9e3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=15gcqQfg0ADpvE07SqoFtR4e6ThCU2nan
Targets
-
-
Target
5b38f1c2c42a6fa5b8be200bac9ea9e3_JaffaCakes118
-
Size
76KB
-
MD5
5b38f1c2c42a6fa5b8be200bac9ea9e3
-
SHA1
2c1658d44301145f62285054a48c98594796d31c
-
SHA256
59c3c8cd9f4cf71654987b95564db2b56ab4dc16857bfb704cf45c32d31213ba
-
SHA512
8afe9e86d00559355e505d3ad879f772fff3373e840bca91d969f665a1fd3474f04f2f4edb2eee2fcbdbbd0bb8338f6bc16520f3d63fbe2608b980424ddf626d
-
SSDEEP
1536:89KX78wbo2UG2Q2Qe1b47PhS9uggeLxHBwbo67:IKL8wbRUTb47PhS9uggGxHBwbV
Score10/10-
Guloader payload
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-