General
-
Target
65e183f999650701e30901b8cf864801_JaffaCakes118
-
Size
1.1MB
-
Sample
240522-d76arsba5z
-
MD5
65e183f999650701e30901b8cf864801
-
SHA1
cbc51318f370c99f256fc993d8082f4919fe8898
-
SHA256
c6306e44d7fa39d1e8beb2acfde2a5567a0c8b8b0ef0ef14f921a82b0e5f8807
-
SHA512
e7aac004ee373d12311a252eab57a96644310e6a196712b08dda3584046c1f3880ab7fe28dfd3e5234e6cd02f243b39b1e6723cd7ca43204dffdb02c16ab08b0
-
SSDEEP
24576:nAHnh+eWsN3skA4RV1Hom2KXMmHauDq+xM0NtFKvyhErE5Wy:ah+ZkldoPK8Yauu+tNtFKQEeX
Static task
static1
Behavioral task
behavioral1
Sample
65e183f999650701e30901b8cf864801_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
65e183f999650701e30901b8cf864801_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
smokeloader
119
Targets
-
-
Target
65e183f999650701e30901b8cf864801_JaffaCakes118
-
Score
10/10
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-