General
Target: ac5d728b6b3d733d23a422e400aa8fc0_JaffaCakes118
Size: 1.4MB
Sample: 240615-blzjzstemh
MD5: ac5d728b6b3d733d23a422e400aa8fc0
SHA1: f8a815920096ebeb5079d20bd126fe1a8e99db9e
SHA256: f675f9afcc24c1090a9ae0057f4197cf0b370725c9747489621c554499292317
SHA512: 1cce74930c6ca5d731964acbaa7a6f700b7f60004e16464dd8050d2021ee98554a945fb60a3ec28b91174d8eb307c65c58bf9ece6d1efdb2e5e889aaaa2fa18c
SSDEEP: 24576:su6Jx3O0c+JY5UZ+XC0kGso/WaudLwgK2tpBbga71WY:2I0c++OCvkGsUWauiY
Static task: static1
Behavioral task: behavioral1
  Sample: ac5d728b6b3d733d23a422e400aa8fc0_JaffaCakes118.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: ac5d728b6b3d733d23a422e400aa8fc0_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: ac5d728b6b3d733d23a422e400aa8fc0_JaffaCakes118
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla payload
Drops file in Drivers directory
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext