General
Target: 6ef78c1b5c976ccd14c9255a507b0d57_JaffaCakes118
Size: 1.0MB
Sample: 240524-ssmx7sag62
MD5: 6ef78c1b5c976ccd14c9255a507b0d57
SHA1: 5f6ac454ea4d28d5ef65b1275549d04dc5e8b924
SHA256: 9e225bf3574940c50c8cee01a89afc63708070ade6649fd5bdf7b267d6b04207
SHA512: eab373582428b50f3f02302dc1b3af105fce45fa7e9e1d0f69717172fd54d66486a393bb9026d7c910f1537be8b81562496a049d67da56fb07756e08f8aadd88
SSDEEP: 24576:Keo/nvMrV5tCvikiHF7DA/kjDUrRfQRvtBg1fN:K3/n+VCqdlHAkUB11
Static task: static1

Behavioral task: behavioral1
Sample: 6ef78c1b5c976ccd14c9255a507b0d57_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 6ef78c1b5c976ccd14c9255a507b0d57_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 6ef78c1b5c976ccd14c9255a507b0d57_JaffaCakes118
Score: 7/10

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext