General
-
Target
4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118
-
Size
9.1MB
-
Sample
240516-l8py6sga94
-
MD5
4a900f2aa71746ea06b562a2af8bcd1c
-
SHA1
58eabb8a1e9c57cbff797ead0d64fff4600765c0
-
SHA256
379f4c57ae3a0643b260d8cf97a2b7aeea4b00903d4fee346cfed36d60b06651
-
SHA512
00080d464f7c21b48a104f4ea2500969f16e31a216ede5553597b959e97254f98951daa60f4625cf238ca0995309b74fdbc6f66b2ca1c1977f91048a9d2888e9
-
SSDEEP
196608:auhsIrbKdj7G6Re1WQkY1XEUkQmajXnlU0PHkHOjCBpOIVERR:aSbKLerk63VnLnlUC22CJE
Static task
static1
Behavioral task
behavioral1
Sample
4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118
-
Size
9.1MB
-
MD5
4a900f2aa71746ea06b562a2af8bcd1c
-
SHA1
58eabb8a1e9c57cbff797ead0d64fff4600765c0
-
SHA256
379f4c57ae3a0643b260d8cf97a2b7aeea4b00903d4fee346cfed36d60b06651
-
SHA512
00080d464f7c21b48a104f4ea2500969f16e31a216ede5553597b959e97254f98951daa60f4625cf238ca0995309b74fdbc6f66b2ca1c1977f91048a9d2888e9
-
SSDEEP
196608:auhsIrbKdj7G6Re1WQkY1XEUkQmajXnlU0PHkHOjCBpOIVERR:aSbKLerk63VnLnlUC22CJE
Score7/10-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-