General
-
Target
fc9bb08703623f16b3b6fd654ab14b4a_JaffaCakes118
-
Size
415KB
-
Sample
240420-m335aaeh74
-
MD5
fc9bb08703623f16b3b6fd654ab14b4a
-
SHA1
6031a2a5e8be0d2004f4422a6bf88ad11909c75b
-
SHA256
9bdcb8eed0ddc7b700e3ac1ded641d2f5f703ea3cdfedc5eaad228f01cbb94d6
-
SHA512
1e8f898f97d5515fd267578eddb3ec6ea9f5725be54b9bac7bf2ebc42d16428c2d81c86972e0769ba92324b20c3fb977c53d47ee5aab8c5c3f321c25fa28ba58
-
SSDEEP
12288:WWAQN6SlDqx/YBUY7kpgr8GHlSoF+IsGq:WvrSlE/Yq9roF+PH
Static task
static1
Behavioral task
behavioral1
Sample
fc9bb08703623f16b3b6fd654ab14b4a_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fc9bb08703623f16b3b6fd654ab14b4a_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
lokibot
http://everydaywegrind.cf/Office4/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
fc9bb08703623f16b3b6fd654ab14b4a_JaffaCakes118
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-