General
-
Target
21fbb712aab6d4e991d123a1e9c0cedf_JaffaCakes118
-
Size
311KB
-
Sample
240329-pm2ydshd27
-
MD5
21fbb712aab6d4e991d123a1e9c0cedf
-
SHA1
127cba0dbc74422e00f431f42a2713cf108b9cb4
-
SHA256
d3184ceae376a789ccd61e767da3f21cacd72dfc7162a5e1a9569c7244d0bf9a
-
SHA512
dca4b74ec7107d982829a9a697570ffef8b4eb7e59b2fe9139ab5a4f655062f421fc6897d99ffc2275e15d3c4ab7f61bfb9ecc9a3485a440c0d0fd86e22f57ce
-
SSDEEP
6144:zdQzaOOFHl77D3MB97YdnmnO+TvR46BvYUfHyZAdeJwxiVpvowz9eIWjXqqkarN/:zdQzlOF7F2TxcpAn5ada
Static task
static1
Behavioral task
behavioral1
Sample
21fbb712aab6d4e991d123a1e9c0cedf_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
21fbb712aab6d4e991d123a1e9c0cedf_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
smokeloader
2020
Targets
-
-
Target
21fbb712aab6d4e991d123a1e9c0cedf_JaffaCakes118
-
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-