General
-
Target
3b2b355c80a79da3a42109b327c95576_JaffaCakes118
-
Size
17.3MB
-
Sample
241012-vqa7qswckj
-
MD5
3b2b355c80a79da3a42109b327c95576
-
SHA1
0ec369f9459658346ff48941fd531ec94b41e18e
-
SHA256
ba05970dbe169411a8b77b2b5fb3c8572acb7447051e4a034b59f1d87127f905
-
SHA512
2ca16c93672706e06af68e089702a492d3a1f0c3c3bd1ce98271ccc3e7f34fd51d93b885bba103c8280a6b84ec74d68fe514e1107a0b508979f49fe88483c93a
-
SSDEEP
12288:1KK8QCgFYvJDQHa+Pu1wdrtiJeeeeeveeeeee:v5GlQHTm1wqJeeeeeveeeeee
Static task
static1
Behavioral task
behavioral1
Sample
3b2b355c80a79da3a42109b327c95576_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3b2b355c80a79da3a42109b327c95576_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
3b2b355c80a79da3a42109b327c95576_JaffaCakes118
-
Size
17.3MB
-
MD5
3b2b355c80a79da3a42109b327c95576
-
SHA1
0ec369f9459658346ff48941fd531ec94b41e18e
-
SHA256
ba05970dbe169411a8b77b2b5fb3c8572acb7447051e4a034b59f1d87127f905
-
SHA512
2ca16c93672706e06af68e089702a492d3a1f0c3c3bd1ce98271ccc3e7f34fd51d93b885bba103c8280a6b84ec74d68fe514e1107a0b508979f49fe88483c93a
-
SSDEEP
12288:1KK8QCgFYvJDQHa+Pu1wdrtiJeeeeeveeeeee:v5GlQHTm1wqJeeeeeveeeeee
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-