General
-
Target
0ea36bdad02e2c61549b71b05923cd65_JaffaCakes118
-
Size
5.0MB
-
Sample
240502-qs211sca68
-
MD5
0ea36bdad02e2c61549b71b05923cd65
-
SHA1
27481e4db4c2ba0636a9364ee5eac9c8030759f0
-
SHA256
289c9fcdb0b20438bdad52ba89075c3587d21c6f46d9705df4e1d8ce33d617cc
-
SHA512
2eb0ca1681096d4a5f7462ba28e9ae0fb26ba1d0a1a01afdfbed7b29278bce94be131da86f7217dab366314bde542a7abaa38a3245a48c556efda674283492bb
-
SSDEEP
12288:yvbLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUjEXFO:SbLgddQhfdmMSirYbcMNgef0QeQjG
Static task
static1
Behavioral task
behavioral1
Sample
0ea36bdad02e2c61549b71b05923cd65_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0ea36bdad02e2c61549b71b05923cd65_JaffaCakes118.dll
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
0ea36bdad02e2c61549b71b05923cd65_JaffaCakes118
Score
10/10
-
Contacts a large (3273) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-