General
-
Target
a84bcbbfddc66f6cdbfee2ed6423b521_JaffaCakes118
-
Size
1.5MB
-
Sample
240614-g228pssaql
-
MD5
a84bcbbfddc66f6cdbfee2ed6423b521
-
SHA1
f96165dcd8f5bbb8533e2a83aa87ffe303035bf1
-
SHA256
3072d27680eb4ba724f426d47e5e6c8af5195ae1b7f2e23d9c9c65e7d8dec386
-
SHA512
3f54d5783427dad72d1e78a1d243879265fe3cb54399876f58080d68c919ea728df85d0ab75d2e99beeb32bf3b60b2d8d1a96528f111af1d2e7e8c0f244a190a
-
SSDEEP
24576:IUv2x/tsi8u/KljQdL9Z5PP0VEOH2JA59WFmKM4DKjS9jLYOxR4ITOF6cjHkW:b8rYyzIwgwkS9vzxqITc6OL
Static task
static1
Behavioral task
behavioral1
Sample
a84bcbbfddc66f6cdbfee2ed6423b521_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a84bcbbfddc66f6cdbfee2ed6423b521_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
a84bcbbfddc66f6cdbfee2ed6423b521_JaffaCakes118
-
Size
1.5MB
-
MD5
a84bcbbfddc66f6cdbfee2ed6423b521
-
SHA1
f96165dcd8f5bbb8533e2a83aa87ffe303035bf1
-
SHA256
3072d27680eb4ba724f426d47e5e6c8af5195ae1b7f2e23d9c9c65e7d8dec386
-
SHA512
3f54d5783427dad72d1e78a1d243879265fe3cb54399876f58080d68c919ea728df85d0ab75d2e99beeb32bf3b60b2d8d1a96528f111af1d2e7e8c0f244a190a
-
SSDEEP
24576:IUv2x/tsi8u/KljQdL9Z5PP0VEOH2JA59WFmKM4DKjS9jLYOxR4ITOF6cjHkW:b8rYyzIwgwkS9vzxqITc6OL
Score7/10-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-