General
-
Target
e62d40e9bd1eeab66cb3c781d543b64f_JaffaCakes118
-
Size
555KB
-
Sample
240408-aebc5sag78
-
MD5
e62d40e9bd1eeab66cb3c781d543b64f
-
SHA1
60936844a9b67f04929f02313cbe13216cc5a9b8
-
SHA256
18cd73a838afa7eaedf424631d6a079f2ffe83c8d400d129656cad2fa6260567
-
SHA512
caa04e2bb29e2f547852d1624fd5c05c11063d4c1e3c2419ee0af2fd56b19de9557faab86caf851fc8bb852020cef2df063cb73217d29c60af849e88c2a105d3
-
SSDEEP
12288:c3LWHX34JgXZrXhcepr1klgTszv1P9V594uFsNuEjdVIP9hefKUomLn/PUkvau2D:c3LQcepp9TsTh9VHyd99L/5iu2D
Static task
static1
Behavioral task
behavioral1
Sample
e62d40e9bd1eeab66cb3c781d543b64f_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e62d40e9bd1eeab66cb3c781d543b64f_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://everydaywegrind.ml/BN11/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
e62d40e9bd1eeab66cb3c781d543b64f_JaffaCakes118
-
Size
555KB
-
MD5
e62d40e9bd1eeab66cb3c781d543b64f
-
SHA1
60936844a9b67f04929f02313cbe13216cc5a9b8
-
SHA256
18cd73a838afa7eaedf424631d6a079f2ffe83c8d400d129656cad2fa6260567
-
SHA512
caa04e2bb29e2f547852d1624fd5c05c11063d4c1e3c2419ee0af2fd56b19de9557faab86caf851fc8bb852020cef2df063cb73217d29c60af849e88c2a105d3
-
SSDEEP
12288:c3LWHX34JgXZrXhcepr1klgTszv1P9V594uFsNuEjdVIP9hefKUomLn/PUkvau2D:c3LQcepp9TsTh9VHyd99L/5iu2D
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-