General
-
Target
5506fb6a168f43d7059875a06679a653_JaffaCakes118
-
Size
292KB
-
Sample
240518-q5lvkaed8s
-
MD5
5506fb6a168f43d7059875a06679a653
-
SHA1
afa9fb361969af1a03ad807720f25d426e8a8e39
-
SHA256
c0bd1e78b094f76b74de5d19080693f87623729a145e097231e2206dfb81cce8
-
SHA512
a7556984b80f0214ea2a2f6334d90d91e3e44117f31b1d29b2f7090c0e73c588121e059a3a108aa728d3b72a75f4990a194c1bd8f4e20ae5f47f0c347a9ee03d
-
SSDEEP
3072:L1Ea8ZpUVmYrrFc74+he3IPzQQGcnQGlYoZI3/i3aMda4vWgjAJjGWaBIo/E:P8K9FcE+he3uGcnpYk2R48juIYE
Static task
static1
Behavioral task
behavioral1
Sample
5506fb6a168f43d7059875a06679a653_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
5506fb6a168f43d7059875a06679a653_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
5506fb6a168f43d7059875a06679a653_JaffaCakes118
-
Score
7/10
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-