General
-
Target
JaffaCakes118_070e276669c379bc0a2b8cf8bef518cd0a91a2b3dcf0e8ddb62339784581048f
-
Size
726.6MB
-
Sample
241222-yweznaxme1
-
MD5
4a18eca46e5b202e614e5b0d69f6e9b3
-
SHA1
c8459e1dfa0eaf9bc64500c850ddfa2a1c91fdff
-
SHA256
070e276669c379bc0a2b8cf8bef518cd0a91a2b3dcf0e8ddb62339784581048f
-
SHA512
f032a449a0014737901ed74cd25a65eaddbad6c49bb27146790263de8a2987cd26f99b5e2bff0d6994ebe092188d513a9719177ca0debf570eecd9d169ed6a2f
-
SSDEEP
98304:RjRxgAbYvbDZhuIQRnm9hLeu6Snggd5erLaOB7At9Nd4WqVfqkezdQkjK/PTh:lRnbYvbDZh8RkLeOnGPalbsSAz3Th
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_070e276669c379bc0a2b8cf8bef518cd0a91a2b3dcf0e8ddb62339784581048f.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_070e276669c379bc0a2b8cf8bef518cd0a91a2b3dcf0e8ddb62339784581048f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
raccoon
4d8caf3df626ca1a812c75113a24e797
http://45.153.243.16/
-
user_agent
TakeMyPainBack
Targets
-
-
Target
JaffaCakes118_070e276669c379bc0a2b8cf8bef518cd0a91a2b3dcf0e8ddb62339784581048f
-
Size
726.6MB
-
MD5
4a18eca46e5b202e614e5b0d69f6e9b3
-
SHA1
c8459e1dfa0eaf9bc64500c850ddfa2a1c91fdff
-
SHA256
070e276669c379bc0a2b8cf8bef518cd0a91a2b3dcf0e8ddb62339784581048f
-
SHA512
f032a449a0014737901ed74cd25a65eaddbad6c49bb27146790263de8a2987cd26f99b5e2bff0d6994ebe092188d513a9719177ca0debf570eecd9d169ed6a2f
-
SSDEEP
98304:RjRxgAbYvbDZhuIQRnm9hLeu6Snggd5erLaOB7At9Nd4WqVfqkezdQkjK/PTh:lRnbYvbDZh8RkLeOnGPalbsSAz3Th
-
Raccoon family
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-