General
Target: 4ae534b4a462a6785fa72530e9273a94_JaffaCakes118
Size: 488KB
Sample: 241016-b9kezawhrd
MD5: 4ae534b4a462a6785fa72530e9273a94
SHA1: 2c96544258aab4c6b086ff2220794fc49c1583ff
SHA256: 7685353ae08a6c5e58dbb2b0fb3ca475290e6a264da80d57065905d81a2980da
SHA512: 4aa4365bd94e1bff3f747ce9b74edadd91fc35ba9fb6d6df2eca0631b78428e7953a4ad8f50c0b60c13160e74c1570043ccb81ec3c69b8731632aa35bc887085
SSDEEP: 12288:EgZXsQBbp57+Z5TIWcFvkvJKvA/uocAmgZ1OkRu6pH4:EZgAB3H
Static task: static1
Behavioral task: behavioral1
Sample: 4ae534b4a462a6785fa72530e9273a94_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 4ae534b4a462a6785fa72530e9273a94_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4ae534b4a462a6785fa72530e9273a94_JaffaCakes118
- Executes dropped EXE
- Loads dropped DLL
- Unsecured Credentials: Credentials In Files. Steal credentials from unsecured files.
- Adds Run key to start application
- Suspicious use of SetThreadContext