General
-
Target
686da91dfd575cc325685db58538bcc2_JaffaCakes118
-
Size
3.3MB
-
Sample
240522-yn6seaed2s
-
MD5
686da91dfd575cc325685db58538bcc2
-
SHA1
f5989ae8b3c178a8047994858054c63cebf1f3b6
-
SHA256
5cd900d44658b1ab9444f6f7331f44220192f8f1e9bcdd2e16fa74c340f89a00
-
SHA512
b3abaacdb501756a403b9843cae140dec96a98ebdf25bc92cbe709492311c3e75d6e8200a75b87c736c44f609398db00449b568e8b3d98d07adefa257a975bc1
-
SSDEEP
98304:tq3EoG9eb2cuidK6XvwLOEUwo09YbiW1j/rtm:U3EoG9equ5I927b71r4
Behavioral task
behavioral1
Sample
686da91dfd575cc325685db58538bcc2_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Targets
-
Target
686da91dfd575cc325685db58538bcc2_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-