General
-
Target
93313e5c1a1d77a8fe8509c6037a0142_JaffaCakes118
-
Size
1.5MB
-
Sample
240604-a75sfsgb76
-
MD5
93313e5c1a1d77a8fe8509c6037a0142
-
SHA1
752cf21b7d9e7aac4193bbb7ecc876cd7ccf2de6
-
SHA256
d2b1357d6e7ae3def93f909659a4687b7804eee2446347ae9563a5bd73fc1237
-
SHA512
9e76abfebd3db56b76ece15f94a503be9d270516a16629ce34eb8fa07a4a4ac00f041c1a348f38f747a6773f71222a79d294ab205c8c0ea992df936be46ff2a6
-
SSDEEP
24576:gwLdS3Pj1/riyZn3JJ77bw3ol+YTx4IKhA4kIAA3oKq/XElE+GmK+qM:3BU1Ti0ZJ77bw3AoA4BABKUgGno
Static task
static1
Behavioral task
behavioral1
Sample
93313e5c1a1d77a8fe8509c6037a0142_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
93313e5c1a1d77a8fe8509c6037a0142_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
93313e5c1a1d77a8fe8509c6037a0142_JaffaCakes118
-
Score
7/10
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-