General
-
Target
f436f06e1b7e1d1e6f795ca10086a5e9_JaffaCakes118
-
Size
169KB
-
Sample
240416-ynfk8acf6v
-
MD5
f436f06e1b7e1d1e6f795ca10086a5e9
-
SHA1
5e0509d677c0d0b0701d9ce1c30199023b755855
-
SHA256
d82786dd43e20aea1972646855e9714d053e86bd41cb5d8767ff038c52cce68f
-
SHA512
1a93c4ba9e65cf9f050d73692022575dc54055417fc9294fb9e3e67dedc0f4e2717eb566a8507380b4498e0e44fb4a42fd0fec07a5940a9f7812c92710f6e1ad
-
SSDEEP
3072:KGl+abcB/MEaX3Lgr0WsWt6rW4l248V3FMrF4MNaa:flBb/bZicCVdKrL
Static task
static1
Behavioral task
behavioral1
Sample
f436f06e1b7e1d1e6f795ca10086a5e9_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
info07.ddns.net:1177
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
f436f06e1b7e1d1e6f795ca10086a5e9_JaffaCakes118
-
Size
169KB
-
MD5
f436f06e1b7e1d1e6f795ca10086a5e9
-
SHA1
5e0509d677c0d0b0701d9ce1c30199023b755855
-
SHA256
d82786dd43e20aea1972646855e9714d053e86bd41cb5d8767ff038c52cce68f
-
SHA512
1a93c4ba9e65cf9f050d73692022575dc54055417fc9294fb9e3e67dedc0f4e2717eb566a8507380b4498e0e44fb4a42fd0fec07a5940a9f7812c92710f6e1ad
-
SSDEEP
3072:KGl+abcB/MEaX3Lgr0WsWt6rW4l248V3FMrF4MNaa:flBb/bZicCVdKrL
-
Drops startup file
-
Suspicious use of SetThreadContext
-