General
-
Target
12eeb15b25510e632e27a0aab98e4ec4_JaffaCakes118
-
Size
5.0MB
-
Sample
240504-qpgkxafb4z
-
MD5
12eeb15b25510e632e27a0aab98e4ec4
-
SHA1
05e03714369de5050f75bd8fab609f15197743f2
-
SHA256
5f6d6a6548884d0efc29d1019600fabe79dceebdd1eb6f43cd6c6f825c299114
-
SHA512
2fa8dc20f661f90ed8fe52a9fc6383826c93c44791a6aa2aea9abb0815d8b6727faf5ae0f15075ccb78f1682f732b5fbe35a4cefc033a0c5c389b96c5f12c673
-
SSDEEP
49152:CnAQqMSPbcBVQej/1INRx+TSqTdX1HkQo6SAAC:uDqPoBhz1aRxcSUDk36SAz
Static task
static1
Behavioral task
behavioral1
Sample
12eeb15b25510e632e27a0aab98e4ec4_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
12eeb15b25510e632e27a0aab98e4ec4_JaffaCakes118.dll
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
12eeb15b25510e632e27a0aab98e4ec4_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Contacts a large (3302) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-