General
Target: b5faa8cb97d8e4243e7682e87b4564d5_JaffaCakes118
Size: 5.2MB
Sample: 240822-cr7yzstdpe
MD5: b5faa8cb97d8e4243e7682e87b4564d5
SHA1: e2ac4280853b4f92d3a24cd36987385916c979f2
SHA256: d22e27507344c9b12dc9430cbdb3b542ec8ad2e68c2619f62fa7e1bd19ff6494
SHA512: f810474a7445bd42a9b457e7c8400a8df38240f901f7bd39918a6498db0e13d13cee06fb736ecb4b8fa2e3a2c6905836202c6d158ea2566c2bffec6b12155ab1
SSDEEP: 49152:MyZ9wwolyh57ZMGANtVXhbjoB2us6VE9:MQZNzKRbcBrVE9
Behavioral task: behavioral1
Sample: b5faa8cb97d8e4243e7682e87b4564d5_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b5faa8cb97d8e4243e7682e87b4564d5_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: b5faa8cb97d8e4243e7682e87b4564d5_JaffaCakes118
Score: 7/10
Loads dropped DLL
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Suspicious use of NtSetInformationThreadHideFromDebugger