General
-
Target
JaffaCakes118_16b4acb99f7db76d5d75b9e960df5e2c13f23c2dad48d81d3e6093a0b4726d4d
-
Size
726.3MB
-
Sample
241225-cwyacavkev
-
MD5
1cacf33ff276840ce542d327ae03fe90
-
SHA1
84b445d37ef3eb9b0d3f2785680cdafe0eb46124
-
SHA256
16b4acb99f7db76d5d75b9e960df5e2c13f23c2dad48d81d3e6093a0b4726d4d
-
SHA512
8c1aafc973fef11ecf934440c71324d7bd03b2f6db4830d0d646ea2f85ada280c3bde9469bdfa82ad74e891705c21149862ce1518f04bb0edd656e0182322aa0
-
SSDEEP
98304:SIDaz0xN5QUbTNXlQGZhJEDPsIepyA1Io7C7n1Ncf16hriIQNocO43yCrftOCe4:SIjQUJoPsIep6o7cyWOthdNe4
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_16b4acb99f7db76d5d75b9e960df5e2c13f23c2dad48d81d3e6093a0b4726d4d.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_16b4acb99f7db76d5d75b9e960df5e2c13f23c2dad48d81d3e6093a0b4726d4d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
raccoon
b3e62a345d90ee80b30dcc988ddc399f
http://170.75.168.118/
http://85.192.63.125/
http://51.195.166.172/
-
user_agent
mozzzzzzzzzzz
Targets
-
-
Target
JaffaCakes118_16b4acb99f7db76d5d75b9e960df5e2c13f23c2dad48d81d3e6093a0b4726d4d
-
Size
726.3MB
-
MD5
1cacf33ff276840ce542d327ae03fe90
-
SHA1
84b445d37ef3eb9b0d3f2785680cdafe0eb46124
-
SHA256
16b4acb99f7db76d5d75b9e960df5e2c13f23c2dad48d81d3e6093a0b4726d4d
-
SHA512
8c1aafc973fef11ecf934440c71324d7bd03b2f6db4830d0d646ea2f85ada280c3bde9469bdfa82ad74e891705c21149862ce1518f04bb0edd656e0182322aa0
-
SSDEEP
98304:SIDaz0xN5QUbTNXlQGZhJEDPsIepyA1Io7C7n1Ncf16hriIQNocO43yCrftOCe4:SIjQUJoPsIep6o7cyWOthdNe4
-
Raccoon family
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-