General
-
Target
2d4a5c543b416f5456473650bc66d699_JaffaCakes118
-
Size
5.0MB
-
Sample
240510-evg8vaad9x
-
MD5
2d4a5c543b416f5456473650bc66d699
-
SHA1
343820a3130c2a38c604c96ed5bb7ae3b2da4318
-
SHA256
1f99061d149dd020b4c28258638e914750262c42962d58c8a638ee9023e7e4a9
-
SHA512
979220d5eb7b3727cd672ceff79c3632f658798de89442c10922b7df6a039eaca301034049e520b63f108b9a0adaffb8b1e0695646662f5ea8b8b1cb2538a15c
-
SSDEEP
98304:kDqPoBhz1aRxcSUDk36SAEdhvxWa9P593Rk:kDqPe1Cxcxk3ZAEUadzRk
Static task
static1
Behavioral task
behavioral1
Sample
2d4a5c543b416f5456473650bc66d699_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2d4a5c543b416f5456473650bc66d699_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2d4a5c543b416f5456473650bc66d699_JaffaCakes118
-
Size
5.0MB
-
MD5
2d4a5c543b416f5456473650bc66d699
-
SHA1
343820a3130c2a38c604c96ed5bb7ae3b2da4318
-
SHA256
1f99061d149dd020b4c28258638e914750262c42962d58c8a638ee9023e7e4a9
-
SHA512
979220d5eb7b3727cd672ceff79c3632f658798de89442c10922b7df6a039eaca301034049e520b63f108b9a0adaffb8b1e0695646662f5ea8b8b1cb2538a15c
-
SSDEEP
98304:kDqPoBhz1aRxcSUDk36SAEdhvxWa9P593Rk:kDqPe1Cxcxk3ZAEUadzRk
Score10/10-
Modifies firewall policy service
-
Contacts a large (3214) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-