General
-
Target
f9b951543094bfc1c2663ca773aaa4e2_JaffaCakes118
-
Size
202KB
-
Sample
240419-hfwz8scb2t
-
MD5
f9b951543094bfc1c2663ca773aaa4e2
-
SHA1
7385b54eae5b2f5b108d44e51cfd31703fe8bcbc
-
SHA256
82959f4bf2a53644932b3b06479d5bbaae461fd0757431db504ac76c715fa879
-
SHA512
2a1e0c60c752a1b6526d0fd3803e20b31c277f60a53fee68787b712a21a2e6a27508ec5a1c7879708053ed5dc977b5401a1199e71e7a431789068d69c6b2d992
-
SSDEEP
3072:6zEqV6B1jHa6dtJ10jgvzcgi+oG/j9iaMP2s/HIlffO32vT/T6BQ1bxjOhdiinvR:6LV6Bta6dtJmakIM5yfO32vTj19B+3
Behavioral task
behavioral1
Sample
f9b951543094bfc1c2663ca773aaa4e2_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
nanocore
1.2.2.0
91.193.75.137:1604
daviscoleman899.ddns.net:1604
b265a3c1-2934-4b90-859a-e26e2e1435fd
-
activate_away_mode
true
-
backup_connection_host
daviscoleman899.ddns.net
-
backup_dns_server
8.8.4.4
-
buffer_size
65535
-
build_time
2020-01-17T04:09:16.659970336Z
-
bypass_user_account_control
true
-
bypass_user_account_control_data
-
clear_access_control
true
-
clear_zone_identifier
false
-
connect_delay
4000
-
connection_port
1604
-
default_group
official
-
enable_debug_mode
true
-
gc_threshold
1.048576e+07
-
keep_alive_timeout
30000
-
keyboard_logging
false
-
lan_timeout
2500
-
max_packet_size
1.048576e+07
-
mutex
b265a3c1-2934-4b90-859a-e26e2e1435fd
-
mutex_timeout
5000
-
prevent_system_sleep
false
-
primary_connection_host
91.193.75.137
-
primary_dns_server
8.8.8.8
-
request_elevation
true
-
restart_delay
5000
-
run_delay
0
-
run_on_startup
true
-
set_critical_process
true
-
timeout_interval
5000
-
use_custom_dns_server
false
-
version
1.2.2.0
-
wan_timeout
8000
Targets
-
-
Target
f9b951543094bfc1c2663ca773aaa4e2_JaffaCakes118
-
Size
202KB
-
MD5
f9b951543094bfc1c2663ca773aaa4e2
-
SHA1
7385b54eae5b2f5b108d44e51cfd31703fe8bcbc
-
SHA256
82959f4bf2a53644932b3b06479d5bbaae461fd0757431db504ac76c715fa879
-
SHA512
2a1e0c60c752a1b6526d0fd3803e20b31c277f60a53fee68787b712a21a2e6a27508ec5a1c7879708053ed5dc977b5401a1199e71e7a431789068d69c6b2d992
-
SSDEEP
3072:6zEqV6B1jHa6dtJ10jgvzcgi+oG/j9iaMP2s/HIlffO32vT/T6BQ1bxjOhdiinvR:6LV6Bta6dtJmakIM5yfO32vTj19B+3
-