General
-
Target
fc0a293c2c8c94e0d335ff5012a194f0_JaffaCakes118
-
Size
847KB
-
Sample
240420-ga8amsae5v
-
MD5
fc0a293c2c8c94e0d335ff5012a194f0
-
SHA1
9e63213e36590df2d146fdea7b21902136b27b73
-
SHA256
77ada8345e7bd235de0c3660ce802f3b8105da41e16b6cdadd2274d53f42df7a
-
SHA512
23f02d4fac22e22c53aa7f73f77d299fdbfd6238b202221cb13b5f909eae66f92ac0e9c4855b35e76f8de1112dd68a63ba113ab435b63c38c71484a42710520c
-
SSDEEP
24576:k2kBiad50iXd37pf4HVchOe1lFQb/CoI18:IBi8FI1cFvQb
Static task
static1
Behavioral task
behavioral1
Sample
fc0a293c2c8c94e0d335ff5012a194f0_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fc0a293c2c8c94e0d335ff5012a194f0_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://frinqy.gq/apps/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
fc0a293c2c8c94e0d335ff5012a194f0_JaffaCakes118
-
Size
847KB
-
MD5
fc0a293c2c8c94e0d335ff5012a194f0
-
SHA1
9e63213e36590df2d146fdea7b21902136b27b73
-
SHA256
77ada8345e7bd235de0c3660ce802f3b8105da41e16b6cdadd2274d53f42df7a
-
SHA512
23f02d4fac22e22c53aa7f73f77d299fdbfd6238b202221cb13b5f909eae66f92ac0e9c4855b35e76f8de1112dd68a63ba113ab435b63c38c71484a42710520c
-
SSDEEP
24576:k2kBiad50iXd37pf4HVchOe1lFQb/CoI18:IBi8FI1cFvQb
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-