General
-
Target
684e58097257460c80d6d1722e6d751e_JaffaCakes118
-
Size
3.8MB
-
Sample
240522-xsna7adb77
-
MD5
684e58097257460c80d6d1722e6d751e
-
SHA1
dc5aec127d721c889c642800590f3722ec843a6b
-
SHA256
f6056bf443cbb3630c60d3e50780cb5654a9c356a0207e539127a13157c9af39
-
SHA512
9fe72a5e02ee810c3fe97852e25b448032bd178446d44e3d0ed33a5e26714475ef3d2c9cbd6ee984a192c91bbedf94554c4803b48d0b53c96914486e1a0b50e2
-
SSDEEP
98304:uZuarCtWyX0p+tUFHtrXCDHGkSn8b+vPdP:uZHrzyG+2aDHGkS8Cd
Behavioral task
behavioral1
Sample
684e58097257460c80d6d1722e6d751e_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
Target
684e58097257460c80d6d1722e6d751e_JaffaCakes118
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-