General
-
Target
6190eeff42adfd97dadf70c113307507_JaffaCakes118
-
Size
4.4MB
-
Sample
240521-bkf19adc49
-
MD5
6190eeff42adfd97dadf70c113307507
-
SHA1
179ad7f0ec40cedab3a9be7899ccb7d4198b1157
-
SHA256
fbc20e3e0ebdd85c005793d28329595ae379cef500d7e53cf3b6ae40829c159c
-
SHA512
d58c4ae33a7db95ab9b19e5debfd13d1d7d0ec93e658c5b9da06055fb646b769fb8328fbba682326aa42217abdc1a97d8aad83a9b8c8780fde39dfdcd12a63b8
-
SSDEEP
49152:LNokSBwqDJ9wI40QnUTfRVoK9lnaSESJho2+Pmx9q2Vr+Oj8lnYaFlcp7pEjI+Sf:5oAUbRqslaSHUP72NVCndup62ux6Fh
Behavioral task
behavioral1
Sample
6190eeff42adfd97dadf70c113307507_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
6190eeff42adfd97dadf70c113307507_JaffaCakes118
-
Size
4.4MB
-
MD5
6190eeff42adfd97dadf70c113307507
-
SHA1
179ad7f0ec40cedab3a9be7899ccb7d4198b1157
-
SHA256
fbc20e3e0ebdd85c005793d28329595ae379cef500d7e53cf3b6ae40829c159c
-
SHA512
d58c4ae33a7db95ab9b19e5debfd13d1d7d0ec93e658c5b9da06055fb646b769fb8328fbba682326aa42217abdc1a97d8aad83a9b8c8780fde39dfdcd12a63b8
-
SSDEEP
49152:LNokSBwqDJ9wI40QnUTfRVoK9lnaSESJho2+Pmx9q2Vr+Oj8lnYaFlcp7pEjI+Sf:5oAUbRqslaSHUP72NVCndup62ux6Fh
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-