General
Target: edcfec04d359001fe05e4c926eef84d8_JaffaCakes118
Size: 442KB
Sample: 240411-the1aafa66
MD5: edcfec04d359001fe05e4c926eef84d8
SHA1: 10aff36567d25df6924adb595006a164b88d780b
SHA256: 36a1bea948304d1993d6eae96a1e22bc6f6964d13083f74c2c5ddde67cc68875
SHA512: eeb9a84358e90b0bf9e81e2e2f60cb9dd77ed86b5bf5ce85604d400b40b6eef7be3330f30128dbd1cf920694f83eff8225166b2276c9611352b1fcf7deb1d31a
SSDEEP: 6144:7Y4iqEUI07K8x6ZgdkZ3GVtG8gtUZl21R:0qEUZe8x5dhetUZg
Static task: static1
Behavioral task: behavioral1
Sample: edcfec04d359001fe05e4c926eef84d8_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: edcfec04d359001fe05e4c926eef84d8_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: edcfec04d359001fe05e4c926eef84d8_JaffaCakes118
Score: 10/10
Detects BazaLoader malware
BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Warzone RAT payload