General
-
Target
8c9588fc840287eceba9843b060d2fa6_JaffaCakes118
-
Size
292KB
-
Sample
241103-vpv6hsyhre
-
MD5
8c9588fc840287eceba9843b060d2fa6
-
SHA1
7c85d272c9ff7232564775f22ac159d09ec4803e
-
SHA256
b90acc871419af0cbd6e5e809e9aa36ee0e804597fc069f0f8572120faf20462
-
SHA512
ba196820b64936adb0fc46ce417695d9e0fcbdd4e7cac8708583938a84dc2edfd29b498ab6829829959f670736e2d28a5ff16d7a76cfa9bbeb7d0409ffaa4ba9
-
SSDEEP
6144:Vc6F7DOB46I0OdVdjldMnLY2/5bxos14IYE:VJF7DO5LOb3d12hbxoE4DE
Static task
static1
Behavioral task
behavioral1
Sample
8c9588fc840287eceba9843b060d2fa6_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
8c9588fc840287eceba9843b060d2fa6_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8c9588fc840287eceba9843b060d2fa6_JaffaCakes118
-
Size
292KB
-
MD5
8c9588fc840287eceba9843b060d2fa6
-
SHA1
7c85d272c9ff7232564775f22ac159d09ec4803e
-
SHA256
b90acc871419af0cbd6e5e809e9aa36ee0e804597fc069f0f8572120faf20462
-
SHA512
ba196820b64936adb0fc46ce417695d9e0fcbdd4e7cac8708583938a84dc2edfd29b498ab6829829959f670736e2d28a5ff16d7a76cfa9bbeb7d0409ffaa4ba9
-
SSDEEP
6144:Vc6F7DOB46I0OdVdjldMnLY2/5bxos14IYE:VJF7DO5LOb3d12hbxoE4DE
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-