General
Target: 02a8cb29e8bf421eec0a09e43190b7f2_JaffaCakes118
Size: 1.9MB
Sample: 240427-hkz8fsdh8x
MD5: 02a8cb29e8bf421eec0a09e43190b7f2
SHA1: b015091ad05b2a62eea9308797700f6d7fa013c2
SHA256: 7d7a1cf7da7a68d3026b2919503c4fdc77bd83943d0c2e4ebf58251ad98adfae
SHA512: 89a847d1a43e92b31a37107fd78c309a983fa181efbb150ef64f67154662fe0f9eca9f9ae4529b9968803123e9c8da0f1bc5ab88231583bb3360899a76dc0340
SSDEEP: 49152:Lz071uv4BPMkibTIA5lCx7kvRWa4p/pO2:NABH

Behavioral task: behavioral1
Sample: 02a8cb29e8bf421eec0a09e43190b7f2_JaffaCakes118.exe
Resource: win7-20240215-en
Malware Config
Targets
Target: 02a8cb29e8bf421eec0a09e43190b7f2_JaffaCakes118
- Suspicious use of NtCreateUserProcessOtherParentProcess
- XMRig Miner payload
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2