General
Target: 6a27d79466a937b0cae645969d679571_JaffaCakes118
Size: 140KB
Sample: 240523-h3qrqshc22
MD5: 6a27d79466a937b0cae645969d679571
SHA1: 955e57a2247b91af0b2a0fd1153d0357419fef68
SHA256: c46bc8f7f6334e0ac2957de6b03b6a04bca97a5604c90ecbfd755a7b7fdeed59
SHA512: 21674e96c528487aea20360221b238fe0d39eed3fde06edf0fcb9432a7f274f80a71d913bffdfa97d56a509d07277f702b37f975c7f424d8450babd8512b3be4
SSDEEP: 768:txOFrCwD/2TgKucPo4zMtM/oaFA3rDwkRs03e/9KhrDimz6KLJ5IVAMcIyadIS8x:tA/HKTdA80lq0hrDim2EcVJcR
Static task: static1
Behavioral task: behavioral1
Sample: 6a27d79466a937b0cae645969d679571_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6a27d79466a937b0cae645969d679571_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
guloader
https://credoaz.com/growth/bin_encrypted_8D5D1FF.bin
Targets
Target: 6a27d79466a937b0cae645969d679571_JaffaCakes118
Score: 10/10
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext