General
Target: 7785760cf33381a6581c362b60420336_JaffaCakes118
Size: 452KB
Sample: 240527-ca4j8scb4x
MD5: 7785760cf33381a6581c362b60420336
SHA1: 6e92b75aa1651df7a7bd5db86edf17d2d5c2b112
SHA256: b7759e594f7cf64c4bd52ba608fed6a9fc44b5fcbef3bcfc9bf226663faecc5d
SHA512: 2d4796e141f19cf534f9ab7a75e49e4e805965e14fe42ce2221d5882459156c77f47e3fdd275bc80d8e261e95580b0e16639fce212be24464fc7cf0bdc245554
SSDEEP: 6144:LSV8I4/0zK4A7V1tMjBIBz6jrhHO1QBMIh8cQqJn2UReh0k5PFNg5BTzfrkpgPa4:LcS/0G4AjbzSdduN62757gT7PaErxp
Static task: static1
Behavioral task: behavioral1
Sample: 7785760cf33381a6581c362b60420336_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 7785760cf33381a6581c362b60420336_JaffaCakes118.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
lokibot
http://rmsalf.com/hertyui098/tetrfunds33/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 7785760cf33381a6581c362b60420336_JaffaCakes118
Score: 10/10
Accesses Microsoft Outlook profiles
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.