General
-
Target
c43c3c195e838ef81a36c1434fa7395c_JaffaCakes118
-
Size
952KB
-
Sample
241204-y627yavphn
-
MD5
c43c3c195e838ef81a36c1434fa7395c
-
SHA1
c9accdc1204579d13440df22e4892fcc2082dc7c
-
SHA256
24c57cf9a9fd72827ced5f95796cf333089f076c660bf06b5e7d071a4d5fc102
-
SHA512
5ec2613176ddf8ca9ae331823cb7b62d436ea007850e60a9aeeee0bf23c827a2e3c1eb422594bdd3ec4c86f7688d91f3e8a3c6b2435c46078069c53947a1739f
-
SSDEEP
12288:8ioQBrcKxHPULy+QVo5XeT8zZlmVlC+Q2cjQ7CJXPcq9y:89Q9cKxHo55Og9lU4xo
Static task
static1
Behavioral task
behavioral1
Sample
c43c3c195e838ef81a36c1434fa7395c_JaffaCakes118.dll
Resource
win7-20240903-en
Malware Config
Extracted
zloader
vasja
vasja
-
build_id
157
Targets
-
-
Target
c43c3c195e838ef81a36c1434fa7395c_JaffaCakes118
-
Zloader family
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-