General
-
Target
0c8caa346454bb05990d4fe63465da26_JaffaCakes118
-
Size
5.0MB
-
Sample
240501-xbq1rafg57
-
MD5
0c8caa346454bb05990d4fe63465da26
-
SHA1
538abbe156f1fe7172c33cdf175b8f1de0928363
-
SHA256
576a7304ba07169f98a28cbf3bd7631a9c17c1e7dba5ab5c49d0ae0aa7899fcb
-
SHA512
79ba22d1ee9ea8486cbb773a4387b3130d87bcde5e25ea7ad9c8471fe2a9a7199736df39d1a7f20767c31ae466d90b8439bd70d966572c55000bf58ee5cf93f8
-
SSDEEP
12288:U6bLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DxLN8:hbLgddQhfdmMSirYbcMNgef0mN
Static task
static1
Behavioral task
behavioral1
Sample
0c8caa346454bb05990d4fe63465da26_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0c8caa346454bb05990d4fe63465da26_JaffaCakes118.dll
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
0c8caa346454bb05990d4fe63465da26_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Contacts a large (3239) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-