General

  • Target

    JaffaCakes118_87f72e4c1c61eb7baf0540e4088a127a

  • Size

    13.4MB

  • Sample

    250105-dsh7pazkat

  • MD5

    87f72e4c1c61eb7baf0540e4088a127a

  • SHA1

    ef8644512934bba4ac43498ee078945aabb2d2cf

  • SHA256

    6d6af288259fb769ab5ed93a44069e3a48607dbb20152f711e73faff8ec0a906

  • SHA512

    e2c6254e7a6761b4f2e67ea6c80eb784cd2f335f9c0db24a73b8b7a0a669dd61056adf94033d0c5e9205f33eb6b74ce2a4da6b61989cfd81dabcac1eac4b77cf

  • SSDEEP

    393216:Vth2EqbloYK1YbTACfECvvcgBZ7DCQPW:gEqydURf9BFDCQ

Score
7/10

Targets

    • Target

      JaffaCakes118_87f72e4c1c61eb7baf0540e4088a127a

    Score
    7/10
    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
