General
-
Target
04d7b7724baf46febb5adfa8626d7131_JaffaCakes118
-
Size
13.5MB
-
Sample
240328-nynz8shd94
-
MD5
04d7b7724baf46febb5adfa8626d7131
-
SHA1
c5692f9d5b88334059cee27c26939179aed0e45b
-
SHA256
9b91f4c120d001aeda29fb8a4fd4c7b700bd900ab6487cd03e78c69ad1d9da46
-
SHA512
b763a4bb8006b87a32bc6f6a59d2494cb729af55469318bc50e0784a5e47263b5b20e961c9ab0be75450cf078d03e6e5ee6f2c07532749d8aef93ebdb704b8ea
-
SSDEEP
393216:XC6MNaEIzJd4FuCyuQBUS8f9eqR+pB8PlbX:pM8zd2QBUS8f7a6Plb
Static task
static1
Behavioral task
behavioral1
Sample
04d7b7724baf46febb5adfa8626d7131_JaffaCakes118.exe
Resource
win7-20240319-en
Malware Config
Targets
-
-
Target
04d7b7724baf46febb5adfa8626d7131_JaffaCakes118
-
Detect ZGRat V1
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-