General
-
Target
930152f5021c136910164967be2c2f47_JaffaCakes118
-
Size
60KB
-
Sample
240603-3n7f6aec47
-
MD5
930152f5021c136910164967be2c2f47
-
SHA1
2e831736539c88493af016389ea9460ec7a32289
-
SHA256
51720c15de54118cc6d6a9fde35fa549428fe5ce499e30fca4b98cf4f9cb2cfa
-
SHA512
1aa4768cc5d2d42dff82fc22c0d60cf29d0396878228e08e1593eefbee88dd5856adda54355667dfd186b6163385342f6cc9f7660d27a3201f7959b7aa5bdcd7
-
SSDEEP
768:c2wZtOMDkvgTejnD9wX5qXgXT/JdfF6PsA4pkPFQ:jwyTvgCjnD851j/DQkAbQ
Static task
static1
Behavioral task
behavioral1
Sample
930152f5021c136910164967be2c2f47_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
930152f5021c136910164967be2c2f47_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1uqLetSjGzBGadccK_rcmxM_8-6gUA_Af
Targets
-
Target
930152f5021c136910164967be2c2f47_JaffaCakes118
-
Score
10/10
-
Guloader payload
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext