General
Target: 33a0d480fba471d818f9b3a313f44bb2_JaffaCakes118
Size: 4KB
Sample: 240511-j6dr1sah26
MD5: 33a0d480fba471d818f9b3a313f44bb2
SHA1: 9ff5d1b8488e0425640bfe0b9cd4af87a43dd291
SHA256: 949265ab13d00d390f0c8d057b353e9bf1eb23a4a4cc581c69bee8301107e1de
SHA512: c47a945bf20ff339d86e6ced75f389050ab318daae1658b8ca8fb8c9642866a43d076a5e194c4335bf69a7253bf107783743f6714650ea18d97e58a8e73ce939
SSDEEP: 48:p8lXq/rLRZ10SM8oxF83KEF5Vo76kxJTY4oZoR7usj1LURgCFzbpXlldGO:8Z7qg1jRWV
Static task: static1
Behavioral task: behavioral1
Sample: 33a0d480fba471d818f9b3a313f44bb2_JaffaCakes118.ps1
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 33a0d480fba471d818f9b3a313f44bb2_JaffaCakes118.ps1
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 33a0d480fba471d818f9b3a313f44bb2_JaffaCakes118
Score: 8/10
Blocklisted process makes network request