General
-
Target
a0bad57e9f99b74bf3aa862ec8d792fd_JaffaCakes118
-
Size
112KB
-
Sample
240612-p3pb8sygpr
-
MD5
a0bad57e9f99b74bf3aa862ec8d792fd
-
SHA1
54b8320cbbfc3ef22bf2641731c39c2efedcf112
-
SHA256
56042f13c376561a18bbb07d01512e3178cb44ff3be70e7d0814a19d0549cfbb
-
SHA512
5a185c307e03632bb63c8f88eca32d8c2907dfc15f32f09a122fd0dd1b688448a9bfa17a5013845b0f2610b6f5f3df51cae565b4b36e0aae62b33047133c4a65
-
SSDEEP
1536:LxIsaRSTBlzHPtipUv+2frPAX77RhC9ipRz33EYod:t8ROlrjrs7OIRj3od
Static task
static1
Behavioral task
behavioral1
Sample
a0bad57e9f99b74bf3aa862ec8d792fd_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a0bad57e9f99b74bf3aa862ec8d792fd_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
guloader
http://fblottery.net/me_encrypted_18567E0.bin
Targets
-
-
Target
a0bad57e9f99b74bf3aa862ec8d792fd_JaffaCakes118
-
Size
112KB
-
MD5
a0bad57e9f99b74bf3aa862ec8d792fd
-
SHA1
54b8320cbbfc3ef22bf2641731c39c2efedcf112
-
SHA256
56042f13c376561a18bbb07d01512e3178cb44ff3be70e7d0814a19d0549cfbb
-
SHA512
5a185c307e03632bb63c8f88eca32d8c2907dfc15f32f09a122fd0dd1b688448a9bfa17a5013845b0f2610b6f5f3df51cae565b4b36e0aae62b33047133c4a65
-
SSDEEP
1536:LxIsaRSTBlzHPtipUv+2frPAX77RhC9ipRz33EYod:t8ROlrjrs7OIRj3od
Score10/10-
Guloader payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-