General
-
Target
e38762223f23dd3373ba4bff00f94c7a_JaffaCakes118
-
Size
515KB
-
Sample
240406-3bs31adh7x
-
MD5
e38762223f23dd3373ba4bff00f94c7a
-
SHA1
4689e1ce8b0377527b174c9b0e6f6b2d3f3771ab
-
SHA256
4a6f525c5728145789924c96d5c8786dde14054a1d2a39db9c22fa8b30db0d6e
-
SHA512
71cf734d2cdbcac81fd13e9dd84aeb59e90f92912687ed3020c08712ed5207da558f06e7891d49d921697cbfee29d8c3578fac08fdceacf454e4e6295c3baada
-
SSDEEP
12288:YBIL6hD2x/HAWbR2zS4si0O1A83u2BSDoCqKcty:Yw6uHAW92zt/0Wu2BSMCqD
Malware Config
Targets
-
-
Target
e38762223f23dd3373ba4bff00f94c7a_JaffaCakes118
-
Size
515KB
-
MD5
e38762223f23dd3373ba4bff00f94c7a
-
SHA1
4689e1ce8b0377527b174c9b0e6f6b2d3f3771ab
-
SHA256
4a6f525c5728145789924c96d5c8786dde14054a1d2a39db9c22fa8b30db0d6e
-
SHA512
71cf734d2cdbcac81fd13e9dd84aeb59e90f92912687ed3020c08712ed5207da558f06e7891d49d921697cbfee29d8c3578fac08fdceacf454e4e6295c3baada
-
SSDEEP
12288:YBIL6hD2x/HAWbR2zS4si0O1A83u2BSDoCqKcty:Yw6uHAW92zt/0Wu2BSMCqD
Score7/10-
Executes dropped EXE
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-