General
-
Target
JaffaCakes118_40d7b58d9c4286a779df6e5aafbb2c7b
-
Size
103KB
-
Sample
250127-sjvxfsvnak
-
MD5
40d7b58d9c4286a779df6e5aafbb2c7b
-
SHA1
1a9d219aebb82b8599240edc2c2e1c3ee72e7fe6
-
SHA256
a52c8b1bbe04a653860e8e4cedb0e752c6e117ab88846fa49c641a6b30b56c82
-
SHA512
399c137f38c150935f21da4ec508f1c4e2390799e0357a5a3bc9f42d2f261c012edb562bdece1be8e22a00b1ffd795bc72d88117775f6be733e1114cd3748178
-
SSDEEP
1536:HU6P6rUGWkXtcVd00Mo9bUvPE04RZmNnKe3OBmTZCKP+4eJmLI8WsY:YWkX6UckPE04s5h30IxPy/8TY
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_40d7b58d9c4286a779df6e5aafbb2c7b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_40d7b58d9c4286a779df6e5aafbb2c7b.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_40d7b58d9c4286a779df6e5aafbb2c7b
Score
10/10
-
Modifies WinLogon for persistence
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-