General
Target: fa1a5ab1280ed5e42c92ef71a4338710_JaffaCakes118
Size: 6.7MB
Sample: 240419-mh78hagd42
MD5: fa1a5ab1280ed5e42c92ef71a4338710
SHA1: 4a7f388bada74ad6802f445507da4a7a38416e59
SHA256: f9c1f5f5a666843d1b7b1bbf622fbd8e701a8c7c7d734df82caea1285cbe12da
SHA512: 00014595976b14d3637dff086400a5d51ba5a394d14498cf786e70770d3ab31706006529d4035b99a163c3e5d5cc531676a38b5446925719611895c05e979b75
SSDEEP: 196608:w3YPmCsXDjDyf6L2WliXYrHW1L0tFKNf+gVHy:mYPmCEDVL2ciIrHWRkK9+q
Behavioral task: behavioral1
Sample: fa1a5ab1280ed5e42c92ef71a4338710_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.