General
-
Target
fae8d22926ee59a5bad0235fc8a05e8e_JaffaCakes118
-
Size
6.6MB
-
Sample
240419-1vdrbahd51
-
MD5
fae8d22926ee59a5bad0235fc8a05e8e
-
SHA1
b947cc2c2ee4e487e1d704dc7064d6c0063b99f1
-
SHA256
0b09c1b778ef42ac2b7c2850418d71c8bc25372273fb8245745ddae5498c493a
-
SHA512
a87724ca92fb7529fc39bd95d69248838506600c6751b6c9be36a8fe042eac761c878b4e18e6d3bba8a60e6a0e271b476c939c7c4b16e564baa77ce56a6caf55
-
SSDEEP
196608:HyMJPmCsXDjDyf6L2WliXYrHW1L0AFKe7ChS:lPmCEDVL2ciIrHWR7Ke7a
Behavioral task
behavioral1
Sample
fae8d22926ee59a5bad0235fc8a05e8e_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
Token_by_Wallax.pyc
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fae8d22926ee59a5bad0235fc8a05e8e_JaffaCakes118
-
Size
6.6MB
-
MD5
fae8d22926ee59a5bad0235fc8a05e8e
-
SHA1
b947cc2c2ee4e487e1d704dc7064d6c0063b99f1
-
SHA256
0b09c1b778ef42ac2b7c2850418d71c8bc25372273fb8245745ddae5498c493a
-
SHA512
a87724ca92fb7529fc39bd95d69248838506600c6751b6c9be36a8fe042eac761c878b4e18e6d3bba8a60e6a0e271b476c939c7c4b16e564baa77ce56a6caf55
-
SSDEEP
196608:HyMJPmCsXDjDyf6L2WliXYrHW1L0AFKe7ChS:lPmCEDVL2ciIrHWR7Ke7a
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
Token_by_Wallax.pyc
-
Size
7KB
-
MD5
8e3cecc5f796e1c85c5b29653deb9c13
-
SHA1
4bf455ba088f0895b68e1da8573450b9576f1797
-
SHA256
7e76c01189748d0e7b8413e1c206abe2228eac9ef8ebf86bfa2de67262a320fa
-
SHA512
b45f4092d2c8f6963ff33bbba65e5e8c457e99bf8097f574f97fdcbfbed48769bb5e1a429dc0479d549bbdd6153038decf10b866d99345bef1ee6d222ce32e53
-
SSDEEP
96:lIxJhc8Z6+sQC+nfa+Qy79VaE1dTBOOqDyEl8fp7hMzR/akWwFivsKlWbv:avhZZ6+s+r3GEfTxDoA7h8R/ZlPSWj
Score3/10 -