General
-
Target
9055daadf3a0a7ba99c0cc5b21be6a3b_JaffaCakes118
-
Size
468KB
-
Sample
240603-djtxtsgh7v
-
MD5
9055daadf3a0a7ba99c0cc5b21be6a3b
-
SHA1
38a4b8845b6d371b13374d8fe922bbae177185de
-
SHA256
5b462673db1b309dfaadd4b425a6d8a7acde7daa5fd59b6cde38aca5921cbc1f
-
SHA512
bcc6408a1801291feb6ba2adf2790def2379d55f164a4c7a4ab626e41ce31f5042337b5e9c4259509e9b04b6d846cc490de08d4dd12c41953e221f15796894ee
-
SSDEEP
6144:bO/pdbOr/CyUEUJo2s6NtZqR/ooJKQq26oJ5YQvPF1rvymywX:b0dGKzRJdsM7qR/oKKQf6axvPHrvymJ
Static task
static1
Behavioral task
behavioral1
Sample
9055daadf3a0a7ba99c0cc5b21be6a3b_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9055daadf3a0a7ba99c0cc5b21be6a3b_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
https://via33.net.br/painel/domain/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
9055daadf3a0a7ba99c0cc5b21be6a3b_JaffaCakes118
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-