General
-
Target
e645ba053af2486ad6ba75268209e8a1_JaffaCakes118
-
Size
179KB
-
Sample
240408-bc12fsca65
-
MD5
e645ba053af2486ad6ba75268209e8a1
-
SHA1
733834a94f191225d5f50cc29ec30463aa856516
-
SHA256
17b3fdf382032542d2e447526d8d9c279bea04e736ea8f96215e68498bbbd25d
-
SHA512
845512efc7179c5d62a7cf4d17119644878e2a38d87efa2f6a89eb3605b705e31bd508ce47258d83d2f00fe1e575e55197a5c48524293cf17158abd9e709abfe
-
SSDEEP
3072:jSUR1o1d33g7gM0voaOP1lrxNPwnFlLT9SpniRGJ5250WPsArywoOLi6:+UR+1B0gjvUNLNPqzLTEpn1J525tPsR6
Static task
static1
Behavioral task
behavioral1
Sample
e645ba053af2486ad6ba75268209e8a1_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
e645ba053af2486ad6ba75268209e8a1_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
smokeloader
0508
Extracted
smokeloader
2020
Targets
-
-
Target
e645ba053af2486ad6ba75268209e8a1_JaffaCakes118
-
Score
10/10
-
Deletes itself
-
Suspicious use of SetThreadContext
-