General
Target: 87f72e4c1c61eb7baf0540e4088a127a_JaffaCakes118
Size: 13.4MB
Sample: 240402-knd6hace95
MD5: 87f72e4c1c61eb7baf0540e4088a127a
SHA1: ef8644512934bba4ac43498ee078945aabb2d2cf
SHA256: 6d6af288259fb769ab5ed93a44069e3a48607dbb20152f711e73faff8ec0a906
SHA512: e2c6254e7a6761b4f2e67ea6c80eb784cd2f335f9c0db24a73b8b7a0a669dd61056adf94033d0c5e9205f33eb6b74ce2a4da6b61989cfd81dabcac1eac4b77cf
SSDEEP: 393216:Vth2EqbloYK1YbTACfECvvcgBZ7DCQPW:gEqydURf9BFDCQ
Static task: static1
Behavioral task: behavioral1
Sample: 87f72e4c1c61eb7baf0540e4088a127a_JaffaCakes118.exe
Resource: win7-20240215-en
Malware Config
Targets
-
-
Target
87f72e4c1c61eb7baf0540e4088a127a_JaffaCakes118
Detect ZGRat V1
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-