General
Target: 68911a77f4b29dee848cdc52662b6f0c_JaffaCakes118
Size: 23KB
Sample: 240522-zja1lsga69
MD5: 68911a77f4b29dee848cdc52662b6f0c
SHA1: 5f0ebe0bda1829e077aa4c549e80dd9d34832450
SHA256: 7ee9c4c62748596707506eccb51ced6b0a934f33222fd67a4e4038c4eac81224
SHA512: 9a34932d27a220dfcde7646717b9b05cae20e006f381f05b755f04968746e888d7ed20f9031ec2ca113b41ecd12c772b357d31279f2e33472cc04829e04b8b31
SSDEEP: 384:JsC3sL1TJctPIuaFrSqAbL7tMppj2F1XS3tX/1iBQfHrmLjeFxJk5h2RjOyiFsBv:JtsLRiPcFrSqAbvOppj2Pi3Z/UAkiR+k
Static task: static1
Behavioral task: behavioral1
Sample: Gecikmis odeme.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: Gecikmis odeme.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
guloader
https://www.mediafire.com/file/md0mc3zocq6uh6b/gbam_encrypted_65A39A0.bin/file
Targets
Target: Gecikmis odeme.exe
Size: 104KB
MD5: bb357ccfe2cfcda6512d979e4bfd4b84
SHA1: 9a63e5f0d0e5f66a9b7ee47a2fd7a2eeefab36e2
SHA256: 0bd6c14cb1ba4500de6884448d122ad199f67cb56912533aef9cbbe7d7c3b66f
SHA512: 8271bbb94a7d313f47e631f705c56f04b3af86541e448a9ab38c48173c4bef3afb7db21bb82ace31444b1d16910915c55d399260ff82e15cdabe37a8151f73b9
SSDEEP: 768:En8cA69MRzXDRbfDbMh7aZRGNcxmT2dr7+4AHsE3FlgXmUbv/P9:O9MRzFbDbMh2uYq25+4s3FGtbv/P9
Score: 10/10
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext