General
-
Target
3856ef42d7ce6f8d6846d7dcdea1cc49_JaffaCakes118
-
Size
5.0MB
-
Sample
240512-ffvq3ahc91
-
MD5
3856ef42d7ce6f8d6846d7dcdea1cc49
-
SHA1
4c8b980864fba332a123ebfd54c162792fe5bfc7
-
SHA256
0425190cd56bfb638636057a1714fb3315da5046822e73ff4b1bfced0d92c229
-
SHA512
c0b1bc0441753a355b5d406aa45957c08b8934cc31c7020495b5e76427f8c7dc9cfba1ddbf5995cdacd85be44384e1f5bce297bd89caa3e8b59543f7bb016176
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P5ZyAVp2H:+DqPe1Cxcxk3ZAEUad7yc4H
Static task
static1
Behavioral task
behavioral1
Sample
3856ef42d7ce6f8d6846d7dcdea1cc49_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3856ef42d7ce6f8d6846d7dcdea1cc49_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
3856ef42d7ce6f8d6846d7dcdea1cc49_JaffaCakes118
-
Size
5.0MB
-
MD5
3856ef42d7ce6f8d6846d7dcdea1cc49
-
SHA1
4c8b980864fba332a123ebfd54c162792fe5bfc7
-
SHA256
0425190cd56bfb638636057a1714fb3315da5046822e73ff4b1bfced0d92c229
-
SHA512
c0b1bc0441753a355b5d406aa45957c08b8934cc31c7020495b5e76427f8c7dc9cfba1ddbf5995cdacd85be44384e1f5bce297bd89caa3e8b59543f7bb016176
-
SSDEEP
98304:+DqPoBhz1aRxcSUDk36SAEdhvxWa9P5ZyAVp2H:+DqPe1Cxcxk3ZAEUad7yc4H
Score10/10-
Contacts a large (3222) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-