General
-
Target
a89060af0580950afc9cbc177d3959ee_JaffaCakes118
-
Size
1.4MB
-
Sample
240614-jhflpszhnc
-
MD5
a89060af0580950afc9cbc177d3959ee
-
SHA1
4407e6493d34bbc76462ab7d920dced107d54647
-
SHA256
eae06aabf0300a5b78777f552060bd59b8774da393950626a62e73f499ab8d0e
-
SHA512
94c5540c109088469b62035507f77c4cfa892fcbeb5c9598ddfe0386ac6cc4ac343cae0c592317cde01e7cb9d830f0d43b3bf4bfa3e60f9a01e7221d25c81d45
-
SSDEEP
24576:Uu6Jx3O0c+JY5UZ+XC0kGso/WaHvP1VuNbfdMpWY:uI0c++OCvkGsUWaHOY
Static task
static1
Behavioral task
behavioral1
Sample
a89060af0580950afc9cbc177d3959ee_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a89060af0580950afc9cbc177d3959ee_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-