General
-
Target
f0badb4014d0e5a24ffbf4fcf269eb88_JaffaCakes118
-
Size
606KB
-
Sample
240415-lbg73aah97
-
MD5
f0badb4014d0e5a24ffbf4fcf269eb88
-
SHA1
e5f1633464f46d4d0aebb9e222d5883a4ceff3cf
-
SHA256
c01e5aaf7540b2117aabcbce7d07c18b89c1d86ff5e0e34d5422f3cd35a738a2
-
SHA512
af6c06dfbfd402cf1f5d475bf2a84c0ac4a1f1df60b56e95a533d77e770bfc6fa05bf80fd32d71f48c4afb99c05bb621a69e801be04eb7da86f483c65a8bf1b8
-
SSDEEP
12288:2OXXLhhs2XAFjgYZaOEOAHhly6T6ebnpSXVnf0U0SJvoqnuUD:ryTAVTVpu30SJvo+uU
Malware Config
Targets
-
-
Target
f0badb4014d0e5a24ffbf4fcf269eb88_JaffaCakes118
-
Size
606KB
-
MD5
f0badb4014d0e5a24ffbf4fcf269eb88
-
SHA1
e5f1633464f46d4d0aebb9e222d5883a4ceff3cf
-
SHA256
c01e5aaf7540b2117aabcbce7d07c18b89c1d86ff5e0e34d5422f3cd35a738a2
-
SHA512
af6c06dfbfd402cf1f5d475bf2a84c0ac4a1f1df60b56e95a533d77e770bfc6fa05bf80fd32d71f48c4afb99c05bb621a69e801be04eb7da86f483c65a8bf1b8
-
SSDEEP
12288:2OXXLhhs2XAFjgYZaOEOAHhly6T6ebnpSXVnf0U0SJvoqnuUD:ryTAVTVpu30SJvo+uU
Score10/10-
Osiris
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-