281a957b4f50eea290eb662820a4f96823b6ec4d7110ea9a786abe6e554a3c50 | Triage

Submit
Reports

Overview

overview

5

Static

static

3

winlogin.exe

windows7-x64

1

winlogin.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

Target

4a44a504b55b15eae3507f15077d3832_JaffaCakes118
Size

4.7MB
Sample

240516-knjqzsce6z
MD5

4a44a504b55b15eae3507f15077d3832
SHA1

ec388fda9329cf188307dca316107245e6965dd9
SHA256

281a957b4f50eea290eb662820a4f96823b6ec4d7110ea9a786abe6e554a3c50
SHA512

b1e8a3ef651748d046c4e0f791d6798fb2953248404d66cb000228a43e0725253dc087775b08b4a7dccc0d9393a078d9d8d3b08520acc000ff53e50c6acaf771
SSDEEP

98304:q4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Z4Zw:Q

Score

5^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

winlogin.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

winlogin.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  winlogin.exe
- Size
  
  128KB
- MD5
  
  868a82ae0fe24a97e401743f8ca7f340
- SHA1
  
  df6a181d02927c06bc54799a24907dea5a01855c
- SHA256
  
  84ff509bafc747f3dfd21872d2241643ebe0964b50d94d7862cc879748c77aa4
- SHA512
  
  4943fa9911bb22b61d93d691fae065615e49d4c25ea1807fb1a80f0feefcb5c2b3c51a8d0f27a17b53825c6dc7483ce2ee0242b6d4d3c17250b929e7ab116359
- SSDEEP
  
  3072:cYkcvhRI3FyG3dFqGxICtYF+l3HEIPJgLv5LQX:2cP1sYF+H/JgreX
Score

5^/10
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy