General
-
Target
0f1b2e298467252d72d3f69079906641_JaffaCakes118
-
Size
3.5MB
-
Sample
240625-w7km6syclm
-
MD5
0f1b2e298467252d72d3f69079906641
-
SHA1
71ffa4c171e363bd7e920f5efd89db4335904147
-
SHA256
3a554fe0ce26157af66f7f7a45bdea403873dedb6b7afb0187c07edf3a0a01a5
-
SHA512
519b446bc5d5a7f6bf854bb70453f76af5ee6234454a929580ca7c58f0b62ee0d9c018c16f23da24a96c7e25727fce7ed9ebf9f8f19ee8405684f4879416568b
-
SSDEEP
49152:FkpsIab2zeDqAZ7WQ96EtwsWCduHhZSMuQqxzlPr36WLjXseedPcOx1yrZOTK:6sZizeDqAT96EDWGu+MNo3Njfsl1Gp
Static task
static1
Behavioral task
behavioral1
Sample
0f1b2e298467252d72d3f69079906641_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
-
-
Target
0f1b2e298467252d72d3f69079906641_JaffaCakes118
-
Size
3.5MB
-
MD5
0f1b2e298467252d72d3f69079906641
-
SHA1
71ffa4c171e363bd7e920f5efd89db4335904147
-
SHA256
3a554fe0ce26157af66f7f7a45bdea403873dedb6b7afb0187c07edf3a0a01a5
-
SHA512
519b446bc5d5a7f6bf854bb70453f76af5ee6234454a929580ca7c58f0b62ee0d9c018c16f23da24a96c7e25727fce7ed9ebf9f8f19ee8405684f4879416568b
-
SSDEEP
49152:FkpsIab2zeDqAZ7WQ96EtwsWCduHhZSMuQqxzlPr36WLjXseedPcOx1yrZOTK:6sZizeDqAT96EDWGu+MNo3Njfsl1Gp
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-