General
-
Target
b23a5d0a402282f3608deb0604b0ac59_JaffaCakes118
-
Size
486KB
-
Sample
241129-s4m3catkd1
-
MD5
b23a5d0a402282f3608deb0604b0ac59
-
SHA1
9dbc48c80dbe974ff149e52b8b0cbeca1237685e
-
SHA256
3f23e647fff8d2b4e202c3969d522e8f39566e617f856023ba845e706beb678d
-
SHA512
ea81cf67fa3742aa8c8bf2c8359b10c75f3b8e5d707d748b78cd965ddb11c41d0a0fc9128b081729b88515125d7e8bce2067936066c57f158e3849af30d8de8e
-
SSDEEP
12288:YBEwjwVWydPicpWVw3najE86wf8pnzPnUYOHmD7UQUFaCb:I6tPicppnabjWzPUYSm7Up0e
Malware Config
Targets
-
-
Target
b23a5d0a402282f3608deb0604b0ac59_JaffaCakes118
-
Size
486KB
-
MD5
b23a5d0a402282f3608deb0604b0ac59
-
SHA1
9dbc48c80dbe974ff149e52b8b0cbeca1237685e
-
SHA256
3f23e647fff8d2b4e202c3969d522e8f39566e617f856023ba845e706beb678d
-
SHA512
ea81cf67fa3742aa8c8bf2c8359b10c75f3b8e5d707d748b78cd965ddb11c41d0a0fc9128b081729b88515125d7e8bce2067936066c57f158e3849af30d8de8e
-
SSDEEP
12288:YBEwjwVWydPicpWVw3najE86wf8pnzPnUYOHmD7UQUFaCb:I6tPicppnabjWzPUYSm7Up0e
Score10/10-
NanoCore
NanoCore is a remote access tool (RAT) with a variety of capabilities.
-
Nanocore family
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-