General
-
Target
a3ba5a4b0207abd51259e63aafa16197_JaffaCakes118
-
Size
1.2MB
-
Sample
240817-xjpsna1dke
-
MD5
a3ba5a4b0207abd51259e63aafa16197
-
SHA1
8a672955e55728a485361fad3b9ff4550437c9a5
-
SHA256
6703200536ac1c58e784d238e2570dea87a0bba9fa37de7e3f35b06198ca7efa
-
SHA512
b32e7f34c06a07f7cf3ac2a1c6cefa7b2aa5900eac155c40e4b843eb39ba7c8adc43caedf6a06c2a34b09f82962877af45480a371a376b951226c4d46cb9c46d
-
SSDEEP
24576:D5Ihb6mCBx9g0rMVCxbOktU0/W+TR9/phbNumlNUFUaSH6JzqOiCl1UqlrZ4UF2:D5I0+0mCxSktR/W4/71MiCl1lF
Static task
static1
Behavioral task
behavioral1
Sample
a3ba5a4b0207abd51259e63aafa16197_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-