379f4c57ae3a0643b260d8cf97a2b7aeea4b00903d4fee346cfed36d60b06651 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

4a900f2aa7...18.exe

windows7-x64

7

4a900f2aa7...18.exe

windows10-2004-x64

7

Sharing

General

Target

4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118
Size

9.1MB
Sample

240516-l8py6sga94
MD5

4a900f2aa71746ea06b562a2af8bcd1c
SHA1

58eabb8a1e9c57cbff797ead0d64fff4600765c0
SHA256

379f4c57ae3a0643b260d8cf97a2b7aeea4b00903d4fee346cfed36d60b06651
SHA512

00080d464f7c21b48a104f4ea2500969f16e31a216ede5553597b959e97254f98951daa60f4625cf238ca0995309b74fdbc6f66b2ca1c1977f91048a9d2888e9
SSDEEP

196608:auhsIrbKdj7G6Re1WQkY1XEUkQmajXnlU0PHkHOjCBpOIVERR:aSbKLerk63VnLnlUC22CJE

Score

7^/10

agilenet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  4a900f2aa71746ea06b562a2af8bcd1c_JaffaCakes118
- Size
  
  9.1MB
- MD5
  
  4a900f2aa71746ea06b562a2af8bcd1c
- SHA1
  
  58eabb8a1e9c57cbff797ead0d64fff4600765c0
- SHA256
  
  379f4c57ae3a0643b260d8cf97a2b7aeea4b00903d4fee346cfed36d60b06651
- SHA512
  
  00080d464f7c21b48a104f4ea2500969f16e31a216ede5553597b959e97254f98951daa60f4625cf238ca0995309b74fdbc6f66b2ca1c1977f91048a9d2888e9
- SSDEEP
  
  196608:auhsIrbKdj7G6Re1WQkY1XEUkQmajXnlU0PHkHOjCBpOIVERR:aSbKLerk63VnLnlUC22CJE
Score

7^/10

agilenet
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy