General
Target: 061f9c4ff6216bc85d50c529fcff2ff9_JaffaCakes118
Size: 1.3MB
Sample: 240428-1gfnraab4y
MD5: 061f9c4ff6216bc85d50c529fcff2ff9
SHA1: 08eaa4b65d1e06d35601417491551482d6e60f19
SHA256: 01563afcb3b733a4199b992c4ede8d7b3835536a40b604c198e70cfc8dfc5cf0
SHA512: 6e8228c7d825765a7497ff04aebf8a27311b259866210ca17c7e0dcbcbb8326d399905c837c019ebbf2611f4a0a121ee98badc4717765101f6d0a857436896c4
SSDEEP: 24576:zNmeRKYlfJRgHKWIos1IXgs4numN62Bb3IY:JmfYlnYKWDMIYmMR
Static task: static1
Behavioral task: behavioral1
  Sample: 061f9c4ff6216bc85d50c529fcff2ff9_JaffaCakes118.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 061f9c4ff6216bc85d50c529fcff2ff9_JaffaCakes118.exe
  Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 061f9c4ff6216bc85d50c529fcff2ff9_JaffaCakes118
Score: 7/10
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger