General
Target: 5f0c47ef87ccbe34bb6f84448efb3a35_JaffaCakes118
Size: 774KB
Sample: 240720-e8q3xawfrm
MD5: 5f0c47ef87ccbe34bb6f84448efb3a35
SHA1: 6924efcc70aef057a3b460aff90bdb6949e65477
SHA256: b3e414f2ca80ddc1a7ccc59dda87f0b141f0dafd3b1879b1ea1e3c97c6829ea5
SHA512: bc60a4710e242aa697b721a553ef26ee82aedf2aded25ca43f02bd23f305c5cdfbb1cd8cc2b289e39686bd5a004213e5e1901f814837bfaecc6407050f782f7f
SSDEEP: 24576:OD4VHfQe6ZyWshg+qbZxTZZWunAWvlCaO5difB8HntoRKRBJPD:SFtidQGHCKRB
Static task: static1
Behavioral task: behavioral1
Sample: 5f0c47ef87ccbe34bb6f84448efb3a35_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5f0c47ef87ccbe34bb6f84448efb3a35_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
lokibot
http://jlpack.email/file/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 5f0c47ef87ccbe34bb6f84448efb3a35_JaffaCakes118
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext