General
-
Target
f4b20f18d99e2f7f2b060cf7df815e25_JaffaCakes118
-
Size
202KB
-
Sample
240924-3bce9a1dmj
-
MD5
f4b20f18d99e2f7f2b060cf7df815e25
-
SHA1
9d20c11d2f7c3b18b0d3a3254790ec7f751f2203
-
SHA256
86ca0a60afcf376885732b92deb9248dff612bf89bf03a9f1b9fb05d44d10b8c
-
SHA512
fde335da5faa162926396958bca5631683b14c309e5726faee6a5e66501e696eaa8fb519820373101430f980a750d50889cce772ccc9bd0d3807f2dad72e3488
-
SSDEEP
3072:gzEqV6B1jHa6dtJ10jgvzcgi+oG/j9iaMP2s/HIWUbfp4ZaXfhRAG6KZnpGiLLh:gLV6Bta6dtJmakIM5+fZXjZZn35
Behavioral task
behavioral1
Sample
f4b20f18d99e2f7f2b060cf7df815e25_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
nanocore
1.2.2.0
nununerf.duckdns.org:65535
127.0.0.1:65535
18c7d561-3654-4b0b-ba63-23deef6b3afb
-
activate_away_mode
true
-
backup_connection_host
127.0.0.1
-
backup_dns_server
8.8.4.4
-
buffer_size
65547
-
build_time
2018-06-11T02:23:42.162394836Z
-
bypass_user_account_control
true
-
bypass_user_account_control_data
-
clear_access_control
true
-
clear_zone_identifier
false
-
connect_delay
3973
-
connection_port
65535
-
default_group
Testing
-
enable_debug_mode
true
-
gc_threshold
1.048576e+07
-
keep_alive_timeout
29898
-
keyboard_logging
false
-
lan_timeout
2500
-
max_packet_size
1.048576e+07
-
mutex
18c7d561-3654-4b0b-ba63-23deef6b3afb
-
mutex_timeout
5078
-
prevent_system_sleep
false
-
primary_connection_host
nununerf.duckdns.org
-
primary_dns_server
8.8.8.8
-
request_elevation
true
-
restart_delay
5018
-
run_delay
6
-
run_on_startup
true
-
set_critical_process
true
-
timeout_interval
5108
-
use_custom_dns_server
false
-
version
1.2.2.0
-
wan_timeout
8000
Targets
-
-
Target
f4b20f18d99e2f7f2b060cf7df815e25_JaffaCakes118
-
Size
202KB
-
MD5
f4b20f18d99e2f7f2b060cf7df815e25
-
SHA1
9d20c11d2f7c3b18b0d3a3254790ec7f751f2203
-
SHA256
86ca0a60afcf376885732b92deb9248dff612bf89bf03a9f1b9fb05d44d10b8c
-
SHA512
fde335da5faa162926396958bca5631683b14c309e5726faee6a5e66501e696eaa8fb519820373101430f980a750d50889cce772ccc9bd0d3807f2dad72e3488
-
SSDEEP
3072:gzEqV6B1jHa6dtJ10jgvzcgi+oG/j9iaMP2s/HIWUbfp4ZaXfhRAG6KZnpGiLLh:gLV6Bta6dtJmakIM5+fZXjZZn35
-