General
Target: ef5f70ac1f655839bc2548df4096f624_JaffaCakes118
Size: 608KB
Sample: 240414-ykq8jsbh85
MD5: ef5f70ac1f655839bc2548df4096f624
SHA1: 988bfcea7ecee42e93b19c6340ac36ccc1a02f7d
SHA256: a52d8a09e19daf112729e3ca5ffcfedcff41e1282789c427024f42d37e19ba7a
SHA512: 64910fb7d90d4b6d6e6b71b9a08dba130933c6f7c36fc04f9f4d3df249565ff7dfff397f56ec6ca42cd4b8245900018ea0ef656952748dc838b4c0c55724d038
SSDEEP: 12288:eZGQdqOGJWJqydLqQSeCqsVK8kPRGO35N9mV2zXc6:eZ0IWjeCVVK8kP9N9oS
Static task: static1
Behavioral task: behavioral1
Sample: ef5f70ac1f655839bc2548df4096f624_JaffaCakes118.dll
Resource: win7-20240215-en
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-