General
Target: e2d17019baf2d59634af4c4c219bcfc3_JaffaCakes118
Size: 544KB
Sample: 240406-sley1sch91
MD5: e2d17019baf2d59634af4c4c219bcfc3
SHA1: b28eef0889e4687c58bd9f6a4564969717370dd8
SHA256: 73419677b8e2a57a744d5107dbbbd4d9a5c159664824c51e8be4902ca6cc703e
SHA512: 1ddc6302ba6222b60cb826e7e35a1899b9c582bf1e7960317ba11aa7ea18f91b8125e4e0f1e78de5fd6f8d40e2ce65bbb75d3a315f72895c61c77da05f085004
SSDEEP: 12288:6lqNjerYZ/rDKadVAMriHcli4+SJENGHBm++lOqsz+jGJgkZHIlwoO:6yjerY/7dVAWpEeN+lve+jIxIV
Static task: static1
Behavioral task: behavioral1
Sample: e2d17019baf2d59634af4c4c219bcfc3_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted family: vidar
Version: 39.9
Botnet: 517
C2: https://prophefliloc.tumblr.com/
profile_id: 517
Targets
Target: e2d17019baf2d59634af4c4c219bcfc3_JaffaCakes118
Vidar Stealer
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext