General
Target: 1ba0456f02dbbdd234b252b82be91512_JaffaCakes118
Size: 722KB
Sample: 240701-rn3mesweka
MD5: 1ba0456f02dbbdd234b252b82be91512
SHA1: a993ee407585ff47f59948ef7e7f2209374b087b
SHA256: 861f92d609337d71f42fc76fb3d344306f643c8b9210ae6425b84ed2d22bcfb7
SHA512: 4bcb623444eb4b9b607a5dd4976fa813008d79b49733645a52cc6a2337b05e03466d2b6042e1cf7827be468077bdab611723f226b67c26c4455ea7e3942150d3
SSDEEP: 12288:4FLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJr2:Y3nbWmJVJFwSddIXvfhqbiaxvRxq9p2
Behavioral task: behavioral1
Sample: 1ba0456f02dbbdd234b252b82be91512_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 1ba0456f02dbbdd234b252b82be91512_JaffaCakes118
Modifies firewall policy service
Modifies security service
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Suspicious use of SetThreadContext