General
-
Target
b0f62ab2c4de0fa05eb98db27bce35dd_JaffaCakes118
-
Size
605KB
-
Sample
240404-f5412agd37
-
MD5
b0f62ab2c4de0fa05eb98db27bce35dd
-
SHA1
9ea78a72716618d925be72afd6d868e4a3916f14
-
SHA256
12b13a6a09919b89d975fca9fb43023cbcdc19805e3c0eb4f58c2f287975a1d0
-
SHA512
2358860f1a21469909205adb77ca87e9745e2bc8aec71b2fa67f8aa714eff21360e54bf6fce92d0cc7b0478d0bdadeba01760c80f08b5c9621803b737905e27d
-
SSDEEP
12288:yeg4rMiWuJQgQD21arzw1K9c8YfHndYBxl+gyC:yeg4jJpQqizw1ic8YfWBxl
Static task
static1
Behavioral task
behavioral1
Sample
b0f62ab2c4de0fa05eb98db27bce35dd_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
vidar
40.5
916
https://gheorghip.tumblr.com/
-
profile_id
916
Targets
-
-
Target
b0f62ab2c4de0fa05eb98db27bce35dd_JaffaCakes118
-
Size
605KB
-
MD5
b0f62ab2c4de0fa05eb98db27bce35dd
-
SHA1
9ea78a72716618d925be72afd6d868e4a3916f14
-
SHA256
12b13a6a09919b89d975fca9fb43023cbcdc19805e3c0eb4f58c2f287975a1d0
-
SHA512
2358860f1a21469909205adb77ca87e9745e2bc8aec71b2fa67f8aa714eff21360e54bf6fce92d0cc7b0478d0bdadeba01760c80f08b5c9621803b737905e27d
-
SSDEEP
12288:yeg4rMiWuJQgQD21arzw1K9c8YfHndYBxl+gyC:yeg4jJpQqizw1ic8YfWBxl
-
Vidar Stealer
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-