General
Target: JaffaCakes118_1c2d8c2ac9fd09df3926cfe823ff0b2d
Size: 666KB
Sample: 250704-ppxfpatkx6
MD5: 1c2d8c2ac9fd09df3926cfe823ff0b2d
SHA1: eb84310ff71baee15b4c3bfb3259edee9302259f
SHA256: c281aea94813fce2301cac6e6f894a5ac5988deab4e3435473371dfed6bb7b39
SHA512: 311d523a2c7e7141dc93d5e75814464d54e4f39ae8d7e5f45b61afb45b5b64acb1f316911f90b1f15d1cdf5e88aad336383783c54849336de7b951fe5c7287be
SSDEEP: 12288:Ybll7v6ThVIpCJoLXO2Ap3Hr6YvFCjzaxB23DA6YGvADMF07i3z:YHvBpCibOzZHrRQjzq2zA6YGnF0
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_1c2d8c2ac9fd09df3926cfe823ff0b2d.exe
Resource: win10v2004-20250619-en
Behavioral task: behavioral2
Sample: JaffaCakes118_1c2d8c2ac9fd09df3926cfe823ff0b2d.exe
Resource: win11-20250619-en
Malware Config
Extracted
vidar
4.7
95
http://akademiastola.cc/
profile_id: 95
Targets
Target: JaffaCakes118_1c2d8c2ac9fd09df3926cfe823ff0b2d
Vidar family
Vidar Stealer

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.