General
-
Target
fe3a7e0cdc77fe60c29844d9195d7c51_JaffaCakes118
-
Size
470KB
-
Sample
240421-c188eaha9z
-
MD5
fe3a7e0cdc77fe60c29844d9195d7c51
-
SHA1
7ac914215df0925d870f4d7280d37c1d79cf8a81
-
SHA256
0978c6e9a1e62df2bf68b5cebd60dd4b8ac1ead3077c561bf420bfaf8d7be2ee
-
SHA512
d7bf64da6419bcc7539d1acaf504bc39deb6d85f76eca25c7aa531f915938ebd6d63b2ed2b760e49eaac04a7fd5e797200cfac0ac5f094954abca5644d0400ec
-
SSDEEP
12288:fEp+gczyhNSvRbBQHR4qz91hI0zSaNsvz+yuWDVId21NaI+E8tyvXxk8cDIv8orw:zkbDaAoS1q5a
Static task
static1
Behavioral task
behavioral1
Sample
fe3a7e0cdc77fe60c29844d9195d7c51_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fe3a7e0cdc77fe60c29844d9195d7c51_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
azorult
http://193.247.144.18/index.php
Targets
-
Target
fe3a7e0cdc77fe60c29844d9195d7c51_JaffaCakes118
-
Score
10/10
-
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.
-
Suspicious use of SetThreadContext
-