General
-
Target
22296fa34e9f92a07ed78f7a8c9e45ca_JaffaCakes118
-
Size
2.4MB
-
Sample
240703-nacbjazcjg
-
MD5
22296fa34e9f92a07ed78f7a8c9e45ca
-
SHA1
f26f6b740229a8694a45034e4e3aa89bd3173fae
-
SHA256
5fc0141ea5fed9249a023a71ee912f41c5d5e5d4027eff9254116603b890c84f
-
SHA512
92ae0c10ecf868d79ca9cc7a2eb8d654189964779b0a5df06b1f998c55b83809c5e996ccdf7f11baad00264fe8b6324bbf6f37fb40959dc2f549a76e0a391185
-
SSDEEP
3072:QxHlVCxwY7ftYVPKy902zJrNtiP7xYa6pjl:QFlVCxwY7ftUhJNu6pjl
Static task
static1
Behavioral task
behavioral1
Sample
22296fa34e9f92a07ed78f7a8c9e45ca_JaffaCakes118.exe
Resource
win7-20240419-en
Malware Config
Extracted
cybergate
2.6
ÖÍíÉ
sloohe.zapto.org:288
***MUTEX***
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
svchost.exe
-
install_file
windows.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
texto da mensagem
-
message_box_title
t?tulo da mensagem
-
password
abcd1234
-
regkey_hkcu
HKCU
-
regkey_hklm
HKLM
Targets
-
-
Target
22296fa34e9f92a07ed78f7a8c9e45ca_JaffaCakes118
-
Suspicious use of SetThreadContext
-