General
Target: 6bb7c41f759a6a0c090edb67049f11d0_JaffaCakes118
Size: 216KB
Sample: 240523-v2qfssae72
MD5: 6bb7c41f759a6a0c090edb67049f11d0
SHA1: 76bccf1ccef6fe52f8846724a78da8c6e9e1f08d
SHA256: 3a1ba3bfee4b213f085df647f18f215b6893b7e98444947c65db812e5fbb1baf
SHA512: 5f96fb2c2ffa8d7e664d0eba30a38e4f990646c704fede9349f493a83001a05b684e3a09ea729e02de3a1dea11085d2c62d8e92b1f561a1ccc16975bf9bcae5e
SSDEEP: 1536:/12DpIhtQWe4XqkT8WChJViPP3/euuuvuuuuuuuDn2Vzn:YI/Jida/tr
Static task: static1
Behavioral task: behavioral1
Sample: 6bb7c41f759a6a0c090edb67049f11d0_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 6bb7c41f759a6a0c090edb67049f11d0_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1us3ZR4YZf2R7r39QSP-y1ijpQ3n4aSYn
Targets
Target: 6bb7c41f759a6a0c090edb67049f11d0_JaffaCakes118
Score: 10/10
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext