General
Target: 90cbfa46539ce2af4b7b412269c5d5eb_JaffaCakes118
Size: 507KB
Sample: 240603-gz3rfsfe78
MD5: 90cbfa46539ce2af4b7b412269c5d5eb
SHA1: 0310bde0a978374bd424bffd70a343e0dcc5b86d
SHA256: 4b4395f5e2e7921f0b570a99b673000e29f44f942e94a2f4207642dda50aff12
SHA512: 16479d660cef0205e5f01105f36da2357acc18c914fee1dbab2ca7f5e704a8733de35d3e2ee972f7265ff1909baacb960f0cecb24fdc97a86712d7bb28fdef64
SSDEEP: 12288:pf6FVkT3UA6HmqZOPbizXmi1Ka47hOJC6/fa:EFKTmb4K91KlhY
Static task: static1
Behavioral task: behavioral1
Sample: 90cbfa46539ce2af4b7b412269c5d5eb_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 90cbfa46539ce2af4b7b412269c5d5eb_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 90cbfa46539ce2af4b7b412269c5d5eb_JaffaCakes118
AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla payload
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext