General
Target: ed07991eede56ecaf274d7c7f73f28e8_JaffaCakes118
Size: 653KB
Sample: 240920-hd4bjatdql
MD5: ed07991eede56ecaf274d7c7f73f28e8
SHA1: 707ab348685e0ccd9298ffc5af93c1dde239a2d6
SHA256: 62a400947ec8e6f7106bdf733097624a0c5ec27c081fd57b0898deb506e23f69
SHA512: 98ef27b553e9825a75f7f7a86a99ec9a15d909ed493b96d2b628e40fe82f8f87bf482f75722263213f98e71f271d5ddc96895d4ab4920d621cfea30c36771181
SSDEEP: 3072:o/Ahwjk9HgMWBrzBAbBGOY80ZccdpzY/xVSiHfHXe:nABr9AbwOUZ/7yHfHX
Static task: static1
Behavioral task: behavioral1
Sample: ed07991eede56ecaf274d7c7f73f28e8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ed07991eede56ecaf274d7c7f73f28e8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
Protocol: ftp
Host: chekenat.pips.ru
Port: 21
Username: u320309
Password: 8bkcduxf
Targets
Target: ed07991eede56ecaf274d7c7f73f28e8_JaffaCakes118
Score: 10/10
Uses the VBS compiler for execution
Suspicious use of SetThreadContext