General
-
Target
JaffaCakes118_ed17563a8301541dbde0819366190ff7c6566a417f0d5b348fc03771b8c86420
-
Size
726.4MB
-
Sample
241224-wq4pqatjhv
-
MD5
b0f343f04f6eb8ce65a4a79b38cd11a5
-
SHA1
98b00d5cffdbda7ad6886c5b6b309457fefd2cdb
-
SHA256
ed17563a8301541dbde0819366190ff7c6566a417f0d5b348fc03771b8c86420
-
SHA512
15d308792e323410fda01785dbb66ac3fa5d938d9a4ad47d8b1ad45fdfb65f7c227b34d6f7fc0f508d78c8060d528dc37b5cca74a54314bff09ddfae1a6592c5
-
SSDEEP
98304:6T5dSWpRcLuAp2k19qNs8aTSFbB4NEF47bKt1RHlNq7Sw1IfR0uWCY2Ao:6T5MWULuAH1X8aGBB4GKKt1RFNgApYK
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_ed17563a8301541dbde0819366190ff7c6566a417f0d5b348fc03771b8c86420.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
JaffaCakes118_ed17563a8301541dbde0819366190ff7c6566a417f0d5b348fc03771b8c86420.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
raccoon
b3e62a345d90ee80b30dcc988ddc399f
http://51.255.211.208/
http://5.252.118.129/
-
user_agent
TakeMyPainBack
Targets
-
-
Target
JaffaCakes118_ed17563a8301541dbde0819366190ff7c6566a417f0d5b348fc03771b8c86420
-
Size
726.4MB
-
MD5
b0f343f04f6eb8ce65a4a79b38cd11a5
-
SHA1
98b00d5cffdbda7ad6886c5b6b309457fefd2cdb
-
SHA256
ed17563a8301541dbde0819366190ff7c6566a417f0d5b348fc03771b8c86420
-
SHA512
15d308792e323410fda01785dbb66ac3fa5d938d9a4ad47d8b1ad45fdfb65f7c227b34d6f7fc0f508d78c8060d528dc37b5cca74a54314bff09ddfae1a6592c5
-
SSDEEP
98304:6T5dSWpRcLuAp2k19qNs8aTSFbB4NEF47bKt1RHlNq7Sw1IfR0uWCY2Ao:6T5MWULuAH1X8aGBB4GKKt1RFNgApYK
-
Raccoon family
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-