General
-
Target
eace6cd84265058817841921eb59d13a_JaffaCakes118
-
Size
663KB
-
Sample
240410-lzrfmsee9x
-
MD5
eace6cd84265058817841921eb59d13a
-
SHA1
f775412ce8d51fbce4d8b589a7bacb9470487daa
-
SHA256
1c0e9c19952db42f2e8b9b8c158e1d761e1d58a548eda1b09984a510ed9c7541
-
SHA512
105c9bdd3cbccd4c2b1b50f84e4322b7438d8896830157236c6276271528f89adafd8c71cc5645ce3829415e66e283ace9a37e844bb1ee0385f5c02716cc787f
-
SSDEEP
12288:FgEZDdRJJSlTCRU2amM90djFPogwEl11SnuTCK8OiyZkx1bdi+S76q4tjjIy:FPQlTCRHdBPJ/Qn68OiyZiyR4tPIy
Static task
static1
Behavioral task
behavioral1
Sample
eace6cd84265058817841921eb59d13a_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
cryptbot
ewaumk24.top
morzup02.top
-
payload_url
http://winqoz02.top/download.php?file=lv.exe
Targets
-
-
Target
eace6cd84265058817841921eb59d13a_JaffaCakes118
-
CryptBot payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-