General
-
Target
JaffaCakes118_43705e199165c7555981fd76c017cb69
-
Size
142KB
-
Sample
250127-zbry6avjgs
-
MD5
43705e199165c7555981fd76c017cb69
-
SHA1
9ee2894c3c2e2d0fde789ff04bff72a72800e8f1
-
SHA256
e4b876634e7b5d74df61d0a17ad44bea4b348d22fce9b5c0f8190e22d0321468
-
SHA512
d0ca71df53b553282a6fe6ec58f2bbc0e458a104172b6b9d82d6b873fe1ecb2a5df14d110d00bad492b014298b469204b911ebc352100f1794b7900a35b993a6
-
SSDEEP
3072:VRD2vx4t2pU17CRDW2PTgagnLE5vqfGGEHklCv54:bD2Z4SUuD3QE5fGxlCm
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_43705e199165c7555981fd76c017cb69.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
JaffaCakes118_43705e199165c7555981fd76c017cb69.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_43705e199165c7555981fd76c017cb69
-
Score
10/10
-
Modifies WinLogon for persistence
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-