General
Target
690fda9832f6a7ab887055156d749fc0_JaffaCakes118
Size
5.8MB
Sample
240522-3xtxesdh97
MD5
690fda9832f6a7ab887055156d749fc0
SHA1
0e8400c41883f161dfa19edc994d006153f0535b
SHA256
f02bd1696420e04a7409d1e26fb0a7fb0743d1ba6d72ea244f7841aa253eae0e
SHA512
a69b6dd3b32327d8772dac2b216a321824def39f06f3dd3a05f45b7e6dd460b5e78482dae375bc176149339b2e3ce73f52d60b6ce5cf8527702d44244ccb7466
SSDEEP
98304:w+w47RRPLddXzWcYJSWrs/DHhgT7IRqWFxdy++JlgoM4o5nU/1PgDpgoKgDwsLe6:wd47RJLddjWcqSWI/ruT+rpmXQKY9got
Static task
static1
Behavioral task
behavioral1
Sample
2445/MenOfWarAssaultSquad2+5TR-LNG_v3.028.2.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2445/MenOfWarAssaultSquad2+5TR-LNG_v3.028.2.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
2445/MenOfWarAssaultSquad2+5TR-LNG_v3.028.2.exe
Size
5.8MB
MD5
89aa694c9dd6033a80a9fca614557f23
SHA1
d44e1779289d2f8110dba88a42e343efb0432268
SHA256
ef187d7db48a1df4f7d0104e8f486c650bf1f3c0c59d68ea9ef4c3b7f4294156
SHA512
1c00074f80ecf7bf66fe4ad32302a6f4b67da7b63bf8046ab297172c79723abb086d4d395c6e7cff7596af1fcf18f7d99c49cebb258debe504a53a02efa0afc2
SSDEEP
98304:n1pB4D89tZNv73z/ElurgZPSjkKCj6sG4iLrlU38wCcs4WTtuSz5ExK7SUnJvdKf:nbB4w9Bzljh74is8XcsPTtpExK7SUJvG
Score
6/10
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of NtSetInformationThreadHideFromDebugger