General
-
Target
fb4e9686e8d934c6e71f69fbf69cbba6_JaffaCakes118
-
Size
1.3MB
-
Sample
240419-2d67zaaa7w
-
MD5
fb4e9686e8d934c6e71f69fbf69cbba6
-
SHA1
91b52740a1d9a46bddb568cfc6e9d035c5160b22
-
SHA256
f9c069523cc221dcea4a5b46281e6752ba4a567480b7c81e3a80d369c73b07ff
-
SHA512
36c09106eeaa9bbd452fef2bb8d6dda58e1894f1a54963af4b27f61c73ddbf45bb6c523b10a18a22dce138fb6fa5ffba72a7190c6a9e3c2ff24eaf166ba2f87d
-
SSDEEP
24576:K/86WY0n6q9nXshv7ogKw+/dA1hhLdiIIjE6YdZxua7Fz:nSrqRXshMgushQm6Yjxua7Fz
Static task
static1
Behavioral task
behavioral1
Sample
fb4e9686e8d934c6e71f69fbf69cbba6_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fb4e9686e8d934c6e71f69fbf69cbba6_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fb4e9686e8d934c6e71f69fbf69cbba6_JaffaCakes118
Score
10/10
-
Detect ZGRat V1
-
RevcodeRat, WebMonitorRat
WebMonitor is a remote access tool that you can use from any browser to control and monitor your phones or PCs.
-
WebMonitor payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-