General
-
Target
JaffaCakes118_29c4b60a24c0eef090b656c1a33b0284a778232f422a4fb400ce1975bf21d45a
-
Size
721.0MB
-
Sample
241225-a9dfzssmfz
-
MD5
ee565419e54ff8de8d71828451689736
-
SHA1
96efd5bdd34d6d1718559af2402e171b346f4c77
-
SHA256
29c4b60a24c0eef090b656c1a33b0284a778232f422a4fb400ce1975bf21d45a
-
SHA512
69273467477303dfddc05a663f540968356e08d4aea7a4bd11510a5729dcd8ff80386754e3c7efadea532c7fe359fa6436782c350323bbf60c2efe1b005565f4
-
SSDEEP
98304:y9EALOORkif751Ic2+a8fsf7xrkKDCIwl7llkCwpqfRzWOmCuOONWiR:ydi4XrXa8f0533wlDlUepXi
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_29c4b60a24c0eef090b656c1a33b0284a778232f422a4fb400ce1975bf21d45a.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
JaffaCakes118_29c4b60a24c0eef090b656c1a33b0284a778232f422a4fb400ce1975bf21d45a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
raccoon
cf2a14f386eb5250ef280df942436e77
http://88.119.171.209/
-
user_agent
TakeMyPainBack
Targets
-
-
Target
JaffaCakes118_29c4b60a24c0eef090b656c1a33b0284a778232f422a4fb400ce1975bf21d45a
-
Raccoon family
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-