General
-
Target
50bc873b8e08fdc5832350f377a1b5a7_JaffaCakes118
-
Size
569KB
-
Sample
240331-je7k1sga9w
-
MD5
50bc873b8e08fdc5832350f377a1b5a7
-
SHA1
868d150864b3a467238314be1d21a4835fed7c68
-
SHA256
2ac9fe88102fbe8cc50d40228e302e2f37fcc006009697609eb5d55aab5c940e
-
SHA512
842b38e394e2b6ef46b2d797a036b52b7ff06c2d3ea3489d9bcbaa8325659c2cffb8714a2ec12c4378a66ddcc19a5ef3fedde0e7ae0e829de1abe6809d12d163
-
SSDEEP
6144:PC4w8juap56y9dg4sIo9ZCf6YRZDYooV3FtlyPG4wYeVKiEgQaratgMZ:Knapvg4sz9dYRZsx1tvpEVar3MZ
Static task
static1
Behavioral task
behavioral1
Sample
50bc873b8e08fdc5832350f377a1b5a7_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
50bc873b8e08fdc5832350f377a1b5a7_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
asyncrat
0.5.7B
1
185.157.160.136:1973
df4Rtg34dFjwr7ujp3
-
delay
38
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
50bc873b8e08fdc5832350f377a1b5a7_JaffaCakes118
-
Size
569KB
-
MD5
50bc873b8e08fdc5832350f377a1b5a7
-
SHA1
868d150864b3a467238314be1d21a4835fed7c68
-
SHA256
2ac9fe88102fbe8cc50d40228e302e2f37fcc006009697609eb5d55aab5c940e
-
SHA512
842b38e394e2b6ef46b2d797a036b52b7ff06c2d3ea3489d9bcbaa8325659c2cffb8714a2ec12c4378a66ddcc19a5ef3fedde0e7ae0e829de1abe6809d12d163
-
SSDEEP
6144:PC4w8juap56y9dg4sIo9ZCf6YRZDYooV3FtlyPG4wYeVKiEgQaratgMZ:Knapvg4sz9dYRZsx1tvpEVar3MZ
Score10/10-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-