General
Target
13f28d2ed8323bbbca9f2804f9763503_JaffaCakes118
Size
220KB
Sample
240329-awx88sdd45
MD5
13f28d2ed8323bbbca9f2804f9763503
SHA1
501000c9e16939a15c539794f8cd6bcbaa53b350
SHA256
0537e5b579951c5fcbd64fbf11bb1b0ea70bd9d7984896b5893ba64d06597d6a
SHA512
1dfdbfed9b52804253285225a5d39d6940c079bcf1e2c1dffad6198918b274206d008d8c826d25c458e3317a39b490382548a17a55f309503008f4c9bf07e50e
SSDEEP
3072:XqdaHe4l53BN8sJydvyeP8Q2boS9D98aShyuy6inoeDHGW+3E:KaHe4RN8s4xajVx98aC3eHG/E
Static task
static1
Behavioral task
behavioral1
Sample
13f28d2ed8323bbbca9f2804f9763503_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
13f28d2ed8323bbbca9f2804f9763503_JaffaCakes118.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
smokeloader
2020
Targets
Target
13f28d2ed8323bbbca9f2804f9763503_JaffaCakes118
Score
10/10
Deletes itself
Suspicious use of SetThreadContext