Behavioral task: behavioral1
Sample: Account Generator.exe
Resource: win7-20240729-en

Behavioral task: behavioral2
Sample: Account Generator.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_13a1264ffcc8e8ed54f849db376330ca634c3312dd1ac12e7244f6705024eaa2
Size: 28KB
MD5: 2aa07750a7efe6930bfc8ce8a9587ebe
SHA1: 53ff6ea7a2107db605ae65aa576c6a8660c3cf4e
SHA256: 13a1264ffcc8e8ed54f849db376330ca634c3312dd1ac12e7244f6705024eaa2
SHA512: bdd1af1b596a79029e5326187b0465da1686c7c29561a80186ac37beca0b6be850de2f27a07136c1fad81c7d61d9b3a0f37abec26449b2453d6386849fe44b3a
SSDEEP: 768:zCt/kaRMSdFc2Ha25uNRppx2n/3va+9FvFdmsApvr8BcuABVpFK24YD3N:zglWgpHa25kb2n/S+9zdmsApvrkcVpvx
Malware Config
Extracted
asyncrat
VenomRAT_HVNC 5.0.4
Venom Clients
192.168.1.167:8080
uJcmfciqm
delay: 0
install: true
install_file: MicroSoftHealthTool.exe
install_folder: %AppData%
Signatures
Files
JaffaCakes118_13a1264ffcc8e8ed54f849db376330ca634c3312dd1ac12e7244f6705024eaa2.rar
Account Generator.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ