General
Target: 0233381ae13c6980be0c49869a063473_JaffaCakes118
Size: 2.3MB
Sample: 240427-ct7e8saa2t
MD5: 0233381ae13c6980be0c49869a063473
SHA1: eae9373be88050908c46f8f9cf5ff068a0f89911
SHA256: f2eb6be7b8a24c50b7f0dd08e03dc0cfbe159fa66c2b005cd877e13819638c9e
SHA512: 51b92b4abbae1c5f64ee5fa566705ac9001137fb437a8db7b6bec97a819b3b089eceb4e6d14daff51a8bc7c53816108036f2ab24e36c80559bded72c6b886bf5
SSDEEP: 49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82g1Vr5s1PTWsuT9cRbyl1:NAB+
Behavioral task: behavioral1
Sample: 0233381ae13c6980be0c49869a063473_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Targets
Target: 0233381ae13c6980be0c49869a063473_JaffaCakes118
- XMRig Miner payload
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2