General
Target: fc7ac920ef9ed32fbdf122baf004f71c_JaffaCakes118
Size: 149KB
Sample: 240420-ls2yssed6x
MD5: fc7ac920ef9ed32fbdf122baf004f71c
SHA1: df0d7134bd78f2001c32f80899c9521b5ebd51fb
SHA256: b295592fcfddb1fea5b39dbd3b6d886e04136a172ba0a7b194963cbdf989a199
SHA512: 4b828ba0d1e16f397c911aa293d2786b81f51f70c7b4b6e6c8c25cbef52936190726590c9af0a56b49a2cb2127e04d0fc612cabc6ce8680d5c52aa30ed94c3ca
SSDEEP: 3072:gyE7feR0NlsBTjDmpdfjmRe7h0whKT0yB3M:G3NlCi7ez
Static task: static1
Behavioral task: behavioral1
Sample: fc7ac920ef9ed32fbdf122baf004f71c_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fc7ac920ef9ed32fbdf122baf004f71c_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
smokeloader
2020
Targets
Target: fc7ac920ef9ed32fbdf122baf004f71c_JaffaCakes118
Score: 10/10
Deletes itself
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext