General
-
Target
JaffaCakes118_14286f5d33d5d0db8c2cf853588105de
-
Size
136KB
-
Sample
250106-hffcgs1pdn
-
MD5
14286f5d33d5d0db8c2cf853588105de
-
SHA1
0054237732dfb296e5b5429886a057e4374c1515
-
SHA256
0bf8feda9e131c4b5bc7b17218880c3a492f702fa9fd6dc9d10f5a62a72aa08a
-
SHA512
f8169fc9ed525a268dca75f6e1e836fae00dabe3876aaf4766d21cf8d883fa91f0e4a6c8c9fcee3daec6ac6db0100614e7bbf0720b9015cd98015043dafe627d
-
SSDEEP
1536:jSMJImKSOog+MxVnWzC5sWgzb7W/MEA6Jm2taMMco3v:ll1OogjVnQCia/lAYVi
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_14286f5d33d5d0db8c2cf853588105de.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_14286f5d33d5d0db8c2cf853588105de.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_14286f5d33d5d0db8c2cf853588105de
-
Score
10/10
-
Guloader family
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-