General
-
Target
40469bb82dc14a99ae488dcf2757fcfe_JaffaCakes118
-
Size
1.1MB
-
Sample
240513-tfxsbadh54
-
MD5
40469bb82dc14a99ae488dcf2757fcfe
-
SHA1
281db0a9f73490389be3bc83e0677f7442192943
-
SHA256
21f1f3f4d6eb97956fdb931880e53f91c45abf0f823b8860974839ab01f464d4
-
SHA512
86e066f967b6dc92cd82b2ad119322d29bfaa71630b6bfeeb8fecda8b279b523025de9416abe6d65978a53d6e54c44f9ffce2fa56850af4f6afc929543c8fd4f
-
SSDEEP
24576:yGJPEfiWgy38XQ4zmwAMtqDN3WPqafHxbzK:J+7g+8K0qaBzK
Static task
static1
Behavioral task
behavioral1
Sample
40469bb82dc14a99ae488dcf2757fcfe_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
40469bb82dc14a99ae488dcf2757fcfe_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
40469bb82dc14a99ae488dcf2757fcfe_JaffaCakes118
-
Size
1.1MB
-
MD5
40469bb82dc14a99ae488dcf2757fcfe
-
SHA1
281db0a9f73490389be3bc83e0677f7442192943
-
SHA256
21f1f3f4d6eb97956fdb931880e53f91c45abf0f823b8860974839ab01f464d4
-
SHA512
86e066f967b6dc92cd82b2ad119322d29bfaa71630b6bfeeb8fecda8b279b523025de9416abe6d65978a53d6e54c44f9ffce2fa56850af4f6afc929543c8fd4f
-
SSDEEP
24576:yGJPEfiWgy38XQ4zmwAMtqDN3WPqafHxbzK:J+7g+8K0qaBzK
Score10/10-
StormKitty payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-