General
-
Target
bc0b5a982af034d2b6d5992e0af86a71_JaffaCakes118
-
Size
373KB
-
Sample
240618-p5pe1sthpc
-
MD5
bc0b5a982af034d2b6d5992e0af86a71
-
SHA1
719b9930f141a56b38fb1d1d777581ed22f0f128
-
SHA256
1fad493e5bec3273b266272bdc673488f31282867da9b5a9d98c9d1f563a8e99
-
SHA512
99a63e1b2c307795ef4b8c4e23f64cdd0b33be8e59694b98c0f55e608616d2e50e591f11af90bcf3378838484a20694aa552cf22aeebb3ee2fd876cea5239f2b
-
SSDEEP
6144:qqt9UsmIfTCTY1izHdALgR1aFLx4EM5HwKtayP8mGduwkL0Tzao9s:FGsmof86LIYFLWHwKAyPWuwc0vi
Static task
static1
Behavioral task
behavioral1
Sample
bc0b5a982af034d2b6d5992e0af86a71_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
bc0b5a982af034d2b6d5992e0af86a71_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
bc0b5a982af034d2b6d5992e0af86a71_JaffaCakes118
-
Score
7/10
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-