General
-
Target
fb8387ea928b6fe38c43ddf01f672ac7_JaffaCakes118
-
Size
196KB
-
Sample
240420-at4y1abe55
-
MD5
fb8387ea928b6fe38c43ddf01f672ac7
-
SHA1
af4bdac6fb60d2d0cc0ce13fa781b9c11d4628ca
-
SHA256
7d202eeac4e080d9fdcb51cc89e9e8683fde3296c9d5b91aa58ea753ff1dda27
-
SHA512
7ea45e793485b1e3eae9743b46c8121241f5dde881a161d5a37974285b4e6f418ad7ed6a4e927b855d8983f7df1c60d774095ff421f7b2bb032245862c7faf18
-
SSDEEP
3072:QAvp/kF5DzcFYgqrGUX69qQvovAZEdGsiSU/VF7nWuMEaY5HzHJ1S9DYzLiaiE:XR/kjzc7flvoviEdG1FKupj5XgD39E
Static task
static1
Behavioral task
behavioral1
Sample
fb8387ea928b6fe38c43ddf01f672ac7_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fb8387ea928b6fe38c43ddf01f672ac7_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
fb8387ea928b6fe38c43ddf01f672ac7_JaffaCakes118
-
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-