General
-
Target
f96199ae10700e46b14a34486dfa866d_JaffaCakes118
-
Size
1.3MB
-
Sample
240419-ds91eagb8y
-
MD5
f96199ae10700e46b14a34486dfa866d
-
SHA1
5599e55f4f27b7547d7ae475a182bf4d01ab53ba
-
SHA256
5c8221ceec2e70e4a6f6ddd9bad7fb6427890deb47f25f83df88e145d393e1ed
-
SHA512
8f4e129c9ad48ff86129af2944a871c69e50f3edd0321c175378459fcd3dd4375dabbc68ae2cb322a15f7b4b4cbc633f2dc755b33135ae52bd1dd996e4034313
-
SSDEEP
24576:+GJpdXroYbjoYNguDfL3/jSI8Aa8e210ZJqVLcdOHh3VAHoQascKtz9rECqM:XPXkThuDLPjSI/d5oIVg4HhGC0tJrECB
Static task
static1
Behavioral task
behavioral1
Sample
f96199ae10700e46b14a34486dfa866d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f96199ae10700e46b14a34486dfa866d_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
cobaltstrike
http://60.205.188.203:13694/d1nZ
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0)
Targets
-
-
Target
f96199ae10700e46b14a34486dfa866d_JaffaCakes118
-
Size
1.3MB
-
MD5
f96199ae10700e46b14a34486dfa866d
-
SHA1
5599e55f4f27b7547d7ae475a182bf4d01ab53ba
-
SHA256
5c8221ceec2e70e4a6f6ddd9bad7fb6427890deb47f25f83df88e145d393e1ed
-
SHA512
8f4e129c9ad48ff86129af2944a871c69e50f3edd0321c175378459fcd3dd4375dabbc68ae2cb322a15f7b4b4cbc633f2dc755b33135ae52bd1dd996e4034313
-
SSDEEP
24576:+GJpdXroYbjoYNguDfL3/jSI8Aa8e210ZJqVLcdOHh3VAHoQascKtz9rECqM:XPXkThuDLPjSI/d5oIVg4HhGC0tJrECB
Score10/10-
Suspicious use of NtSetInformationThreadHideFromDebugger
-