General
-
Target
9ba758b08ecfb820c6da64d7f954cbed_JaffaCakes118
-
Size
304KB
-
Sample
240610-xklgmawgjd
-
MD5
9ba758b08ecfb820c6da64d7f954cbed
-
SHA1
1c3739294d3a6fa957d007098854e308c88e717d
-
SHA256
9f8c3442cf2cc4b6fb9985353de632dd785d38c05a53b497f0d526ac7c3c1ee1
-
SHA512
359f44fb16b00916ff16f3a5c8a71d493f1a030beca9c1b848e3885ad8aab00d15f7c77afea6d6375eafc30fa0e7914a9f6b2fe1ce6be0bc83e4819f1a88b9c6
-
SSDEEP
6144:FFxNzzXzFuk9j/iXLs7dKW6PotJ7DNYx1EgOrHDMnSr:HzzDokBULs7dbQOV7RrHr
Static task
static1
Behavioral task
behavioral1
Sample
9ba758b08ecfb820c6da64d7f954cbed_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
9ba758b08ecfb820c6da64d7f954cbed_JaffaCakes118
-
Beds Protector Packer
Detects Beds Protector packer used to load .NET malware.
-
HiveRAT payload
-
Drops startup file
-
Suspicious use of SetThreadContext
-