General
-
Target
826690f8e44578c940cf6b2bc6aa745a_JaffaCakes118
-
Size
703KB
-
Sample
240529-3vjzfafe83
-
MD5
826690f8e44578c940cf6b2bc6aa745a
-
SHA1
d640ba3276d1998385e6f7237c6c43b779553e26
-
SHA256
a68f82eeab67310e50631899bb57fdac1e81c6b2d04db87c8aa564ff2cc18748
-
SHA512
6f07b6f0b24735b7c83f739c3c81f3bb351da1dc3f21bd1a5247c2a71b8c7dabb65c027f5d61071c8a8e093aa62109ef00917851e761fe2c211c0745702f40a5
-
SSDEEP
12288:ZP0FsHBSlKz7E1jl8Y/fOjNkoQknKKVCJ22zKMzFfVJ/n8DtFSfWwwjj74JN:MKz72jlX3GTQxz22e48reW/cJN
Static task
static1
Behavioral task
behavioral1
Sample
826690f8e44578c940cf6b2bc6aa745a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
826690f8e44578c940cf6b2bc6aa745a_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: ebop.website
Port: 587
Username: info.center3@ebop.website
Password: P@ssw0rdP@ssw0rd
Targets
-
Target
826690f8e44578c940cf6b2bc6aa745a_JaffaCakes118
-
Score
10/10
-
Matiex Main payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-