General
-
Target
e432cebb34cc6c04759a8c48d848a3e3_JaffaCakes118
-
Size
368KB
-
Sample
241212-cfnqzawpax
-
MD5
e432cebb34cc6c04759a8c48d848a3e3
-
SHA1
c30a8a53ae2a3ff7ed3139ad0ad8c98cb678d4ce
-
SHA256
38e9db65cc45506161d779d032df7f2e8e0d288af6c430ed2a35db104d1dcc6c
-
SHA512
17757062d4df8e3c068ca9b62c90783f33b866e3a70346cc0d70bfb178e4172adae5aeb34e5c3ac9b70dfa540a3eace072d3f509efd53b99bf3714bfc82450d4
-
SSDEEP
6144:8cCz6qyCkpVXdvJP2GymFCU+4VTdEKtgtTjr2y:8cCz6qpkpVlJOjUCUBVTOj
Static task
static1
Behavioral task
behavioral1
Sample
e432cebb34cc6c04759a8c48d848a3e3_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e432cebb34cc6c04759a8c48d848a3e3_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
latentbot
xporphyriax.zapto.org
Targets
-
-
Target
e432cebb34cc6c04759a8c48d848a3e3_JaffaCakes118
-
Size
368KB
-
MD5
e432cebb34cc6c04759a8c48d848a3e3
-
SHA1
c30a8a53ae2a3ff7ed3139ad0ad8c98cb678d4ce
-
SHA256
38e9db65cc45506161d779d032df7f2e8e0d288af6c430ed2a35db104d1dcc6c
-
SHA512
17757062d4df8e3c068ca9b62c90783f33b866e3a70346cc0d70bfb178e4172adae5aeb34e5c3ac9b70dfa540a3eace072d3f509efd53b99bf3714bfc82450d4
-
SSDEEP
6144:8cCz6qyCkpVXdvJP2GymFCU+4VTdEKtgtTjr2y:8cCz6qpkpVlJOjUCUBVTOj
Score10/10-
Latentbot family
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-