General
Target: d392d9bfb7046189dc7bd9783a1602ae_JaffaCakes118
Size: 264KB
Sample: 240405-phyeeacd63
MD5: d392d9bfb7046189dc7bd9783a1602ae
SHA1: 884ebbad69a4d9e3ce5973514c5c6d77f4d672a4
SHA256: cf3537f8d24f8b59848c996f0fb94fd8f81bebd4a9baa8e1922f635eadc2d33e
SHA512: fb3d8166ce2f4f0a54b4b87922a75c693694309062eb17eed2ed2d03e052e2517c77231f18199bfa5d3f1f5d36a4aedf2d0696c913bdf4b60256cf529237ee86
SSDEEP: 3072:ymYbl8903DaYlAYwgz88ereWn/7w05g0ZMcB3RUN46ILJ9+ZB5yOantr:ymC3DaYlAJ8er1nzTkr2r
Behavioral task: behavioral1
Sample: d392d9bfb7046189dc7bd9783a1602ae_JaffaCakes118.msi
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: d392d9bfb7046189dc7bd9783a1602ae_JaffaCakes118.msi
Resource: win10v2004-20231215-en
Malware Config
Extracted
latam_generic_downloader
https://indpembrrday.s3.sa-east-1.amazonaws.com/received.pro2
Targets
Target: d392d9bfb7046189dc7bd9783a1602ae_JaffaCakes118
Score: 6/10
Blocklisted process makes network request
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.