General
-
Target
878ba0f5047f5e2593c391c609643887_JaffaCakes118
-
Size
56KB
-
Sample
240531-tbp7nsdb7s
-
MD5
878ba0f5047f5e2593c391c609643887
-
SHA1
e9d568e2627c9fa824b07be096fe423465d81825
-
SHA256
a7ea68f94c673c8d44b46cce37164eb1a20e2b9d8d03a0f114d1c48d6c05344b
-
SHA512
643d4b419f7a8447e212297c302ebd28b483973d208da824c063c2f6fec4f3f38c69b249f7bf9ce3bcba56352717d90fa45da8d503a4a84337e0b066bd0ee52a
-
SSDEEP
768:7/ifT+tLYkV8cyQIrLJ6dDDuKEnWI1G132NRnu:zZV8iIr0dDDuKEU8u
Static task
static1
Behavioral task
behavioral1
Sample
878ba0f5047f5e2593c391c609643887_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
878ba0f5047f5e2593c391c609643887_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
guloader
https://onedrive.live.com/download?cid=E92F4785F2EDA385&resid=E92F4785F2EDA385%21110&authkey=AJxt939ERKkj5kU
Targets
Target
878ba0f5047f5e2593c391c609643887_JaffaCakes118
Score
10/10
Guloader payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-