General
-
Target
6da9dcda10b9142eba7385a531a0e390_JaffaCakes118
-
Size
280KB
-
Sample
240524-hprf4sha8v
-
MD5
6da9dcda10b9142eba7385a531a0e390
-
SHA1
4115f6ca5c4dc84acc76c40a37fb4067dc41963b
-
SHA256
1ff96a090a1a1d31dd8e13e59520c4ac5b323e0db7e7993e3b69349e3497afc3
-
SHA512
b63721623bda397b4c9685aedbc32b77f3052d7e61c5f4a9b8c790cb1edf2cf76f4640a29f4801748d66d2718f05a89dde86c33d3fb604ddd061b70640a16f38
-
SSDEEP
3072:F3uqtizlHWbPVt1aVfHfSBrEFUPnr6rHaS9y1TOhJeY4/IWW2EXVgwyvPDmsc01j:F3uD8doHqBrEFwr6bao+welXWgwGi7M
Static task
static1
Behavioral task
behavioral1
Sample
6da9dcda10b9142eba7385a531a0e390_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
6da9dcda10b9142eba7385a531a0e390_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
6da9dcda10b9142eba7385a531a0e390_JaffaCakes118
-
Score
7/10
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-