General
-
Target
442fa9f81a455d5155238d626bba2f15_JaffaCakes118
-
Size
347KB
-
Sample
241014-zw7v4szhkj
-
MD5
442fa9f81a455d5155238d626bba2f15
-
SHA1
387849b83c32abb0a85db203658f9f32a606ecb8
-
SHA256
2234a22e9066712e2e5f22bfee80e8132b7afa20369b5e45f9215fe77adfb701
-
SHA512
57ff11e3f45f0ccbfa36973c39775ad9bf6775a17891255f381ca59e81fadafac074c8411792f1f747fabe50ee24239be7b2d8cf75c3b6904730326e13cce36e
-
SSDEEP
6144:1fJwSXL8idRXj73BuVtESqNI1hDQ93iRqJnDxxR6xaUXuaqDT/EwgGSUS62Gm1zP:dRXL827Lm1hg+AD4xf+aqDT/EwgGSUSb
Static task
static1
Behavioral task
behavioral1
Sample
442fa9f81a455d5155238d626bba2f15_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
442fa9f81a455d5155238d626bba2f15_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
442fa9f81a455d5155238d626bba2f15_JaffaCakes118
-
Size
347KB
-
MD5
442fa9f81a455d5155238d626bba2f15
-
SHA1
387849b83c32abb0a85db203658f9f32a606ecb8
-
SHA256
2234a22e9066712e2e5f22bfee80e8132b7afa20369b5e45f9215fe77adfb701
-
SHA512
57ff11e3f45f0ccbfa36973c39775ad9bf6775a17891255f381ca59e81fadafac074c8411792f1f747fabe50ee24239be7b2d8cf75c3b6904730326e13cce36e
-
SSDEEP
6144:1fJwSXL8idRXj73BuVtESqNI1hDQ93iRqJnDxxR6xaUXuaqDT/EwgGSUS62Gm1zP:dRXL827Lm1hg+AD4xf+aqDT/EwgGSUSb
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-