General
Target
5fcb9b4a8fe72fba741ee6088750a6ad_JaffaCakes118
Size
60KB
Sample
240520-ssamwafc56
MD5
5fcb9b4a8fe72fba741ee6088750a6ad
SHA1
ec0b6049d8c4d42d099c7fd0fe940252f604ca31
SHA256
1c50501d1b131f7276313ae1dc61f8b52775007b18ad179ecaf994c89484daba
SHA512
0a0fb48ca6bf08c52d9eafa0bf0ffe9bea3da2c455c7dfd59583c679d2b8dfa7bd0b619462b3a942649f5fc79be015d9896939a2449def90031a7b6216a96c15
SSDEEP
768:bZFh1yl84gZySk3sWCr/b2IGPD1ebcdiknq:bZF+lUZy3ArqIGPHdiqq
Static task
static1
Behavioral task
behavioral1
Sample
5fcb9b4a8fe72fba741ee6088750a6ad_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5fcb9b4a8fe72fba741ee6088750a6ad_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1ZN-9FbYbLcbSKxcBuvRbQndPhudvEUzQ
Targets
Target
5fcb9b4a8fe72fba741ee6088750a6ad_JaffaCakes118
Score
10/10
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext