General
-
Target
25bcd6060ef04d6b9f5bbf87b5438493_JaffaCakes118
-
Size
1.9MB
-
Sample
240508-t26mcade9z
-
MD5
25bcd6060ef04d6b9f5bbf87b5438493
-
SHA1
aa0d64a590db8a3082a62c0d8be746474da462db
-
SHA256
24f77e925ecd537408005b80e69166b7182ab6a39d5b85248983e8bad794378b
-
SHA512
36a98ca9cfbdb219a3f1d12fab873d5a4ec3ee946794b2ca9c94f6dc84799235b89d2dac60b0a011e2094b1298ab3427d4b139efed7dd17afb90fcf339db8b5a
-
SSDEEP
24576:r4AYYZY9ECkNyvJO8KubK0gull1sURO1d3aoburqG+859oXZpcF+Wsm8Gjs1hsgz:re9El00uu0xlbp8T3aobqcJudMPPWa
Static task
static1
Behavioral task
behavioral1
Sample
25bcd6060ef04d6b9f5bbf87b5438493_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
25bcd6060ef04d6b9f5bbf87b5438493_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
sendsafe
UNREGISTERED
31.44.184.68:50007
31.44.184.68:50008
-
service_name
Enterprise Mailing Service
Targets
-
-
Target
25bcd6060ef04d6b9f5bbf87b5438493_JaffaCakes118
-
Score
10/10
-
SendSafe payload
-
Suspicious use of SetThreadContext
-