General
Target: 32ee66c4429dcf2d8ee58b84e1578c98_JaffaCakes118
Size: 3.8MB
Sample: 240511-f2zxxaff3y
MD5: 32ee66c4429dcf2d8ee58b84e1578c98
SHA1: 4d1e8785adf71b8f667866ca55b2aba7eb003554
SHA256: 21bab8fbaeb10e39b77532465d0555fd5592e3250b3c4b8f1f59ecfdcce3351e
SHA512: d3a2c31a9c62e28f7c9c1d7454cfaa1ecd6c5dbdbc79f9258c9e90b4541a03a745686ee7f7768c39d02e37d662f428244b91729bbb6c45407ca7a75bd6659666
SSDEEP: 98304:aExvHP9hrznczkhW79Za3DmzX46I3YmpPRdF1s:7fl9cgc5Za3DmzX4HtpPns
Static task: static1
Behavioral task: behavioral1
Sample: 32ee66c4429dcf2d8ee58b84e1578c98_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Targets
-
-
Target
32ee66c4429dcf2d8ee58b84e1578c98_JaffaCakes118
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-