General
-
Target
fd431c5a611bcd579ea5b6a5895ffbbf_JaffaCakes118
-
Size
840KB
-
Sample
240420-v47svsdg44
-
MD5
fd431c5a611bcd579ea5b6a5895ffbbf
-
SHA1
d25e0760b49c648208e9bea8be32c8b25130d765
-
SHA256
40f64598ea5474156f785a9baf153e066c83cb52bb2caef41e001290d5b3c6b9
-
SHA512
8cb6edee91ad2393788baf1d8cd929d2ca0522a025eb496c4801d35e23298f67cca36a200a380b9bf268db3227c44848b76c7566bd64ad36c7bc5f64e44fda3d
-
SSDEEP
24576:Qk/2zlK/rRsdMXqFZl9gmnSOA+8H6hmNHy:lKLFfEOqHTA
Static task
static1
Behavioral task
behavioral1
Sample
CTM request ETA 30 July 2021.pdf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
CTM request ETA 30 July 2021.pdf.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
CTM request ETA 30 July 2021.pdf.exe
-
Size
931KB
-
MD5
24bf9d46f46348a01a7a066376cab588
-
SHA1
90b0f98069cf5bc46a33d7d5cee7bf634249f700
-
SHA256
a3a2aeebad1531fd93c2ff210b9029f5511ebb07eb84f56bae98e8491101ba83
-
SHA512
e7f2ae84459f2458291215ff0e0002d2ece5b9a5f7dba6ccbe6621833d484545de116bc2f60da59c0b5033b49bf6a71cdf6ac063128c48321a5328f7fe28599f
-
SSDEEP
12288:AUmdXq+nKqUyaLQZMh3AQXhI5/d/mFU9KY4rusSmlLjgp7rV/eOHyLvkfwn3E6+6:NmAQ6++3W5/d/AusjLaHmvkI3E
Score
10/10
-
Snake Keylogger payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-