General
Target: 128c0e804fe6deb3e54453724a218f98_JaffaCakes118
Size: 359KB
Sample: 240626-tb6jna1fma
MD5: 128c0e804fe6deb3e54453724a218f98
SHA1: 830b63ce4f2a59ce17a92d8e339c26e80a60929b
SHA256: f0182fd2d6034c99acd88f7909c1196d30c5083bb0ab829767f08d55691eedd1
SHA512: 89aeec4dbf3ca097a5ee7efa910985eb277c7ff2013b5421dcb9e04e630bd106fd551993bab2245b949fef843adb718b5044b192857721b66889c673647bbcf4
SSDEEP: 6144:745erfBEcDgDPy79kbAtV3Fin+KqamOEJXGG:Ae95DgDPy+oV32qaoJ
Static task: static1
Behavioral task: behavioral1
Sample: 128c0e804fe6deb3e54453724a218f98_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 128c0e804fe6deb3e54453724a218f98_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
smokeloader
upd1
Targets
Target: 128c0e804fe6deb3e54453724a218f98_JaffaCakes118
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext